Jump to content

hardracer

Honorary Members
  • Posts

    26
  • Joined

  • Last visited

Everything posted by hardracer

  1. thank you so much for your reply back today. i dont have AVG turned on for real time nor the firewall(i dont think anyways),i use it for scans every once in awhile.i will check. regardless i will do what you say and delete one. the link you sent me is kinda hard to read(on mine anyways)due to some google advertisments right in the middle of the paragraph. i got the jist of it though. about 3 hours before your reply all my icons came back after i used about 6 icons on the screen. wasnt my intentions for finding a cure,just using the programs---then after that i finally noticed---hey there all back!, too stange. ==Did you notice anything in the HJT that could be deleted out? ==You dont think that the malaware stuff MBAM found and i deleted had anything to do with the icons changing? (i kinda noticed that you guys do fix our computers out here and i for cannot express the thanks enough for it but never really explain why or how anything happens). there were 6 entries basically 2 sets of 3 think 1 said disabled firewall alert,another said disabled anti-virus alert and i dont remember what the 3rd said. but each was done twice i remember that. i downloaded the shellicon fix and have it saved should i need it in the future. thanks once again and please post 1 more reply for my questions i just wrote. THANKS, Hard
  2. hello, as informed im posting here. all but a few icons on my desktop have turned to those generic looking icons except for recycle bin,ATF cleaner and folders that i added. i do keep up with the current dl's of malwarebyes program,ran a scan of that and found like 6 entries in the registry,quarantine a deleted those,restarted,icons still wrong.ran a scan again and nothing found. i keep all my other malware programs up to date daily.they didnt pick anything up. did i miss something? has the damage already been done and in need of repair? what do you need from me? ill send a HJT log and a mbam log please help and ask more questions from me. thank you for the help. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:31:44 AM, on 4/4/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\WINDOWS\system32\hphmon04.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\a-squared Free\a2service.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\PSIService.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\HPHipm11.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/ O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [AODAssist.exe] C:\Program Files\AMD\AMD OverDrive\AODAssist.exe O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Filter hijack: text/html - {6c221522-57c4-4b70-a55f-c656227342f2} - (no file) O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 8281 bytes Malwarebytes' Anti-Malware 1.35 Database version: 1939 Windows 5.1.2600 Service Pack 2 4/4/2009 8:31:30 AM mbam-log-2009-04-04 (08-31-30).txt Scan type: Quick Scan Objects scanned: 69073 Time elapsed: 3 minute(s), 4 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  3. hello, been awhile since i was here last. seems i only come when something happens that i cant figure out. i got this problem that just started tonight. all but a few icons on my desktop have turned to those generic looking icons except for recycle bin,ATF cleaner and a few folders that i added. i do keep up with the current dl's of malwarebyes program,ran a scan of that and found like 6 entries in the registry,quarantine a deleted those,restarted,icons still wrong.ran a scan again and nothing found. i keep all my other malware programs up to date daily.they didnt pick anything up. did i miss something? has the damage already been done and in need of repair? what do you need from me? ill send a HJT log(if i can remember how) please help and ask more questions from me. thank you in advance for the help. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:53:44 PM, on 4/3/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\WINDOWS\system32\hphmon04.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\a-squared Free\a2service.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\system32\PSIService.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\HPHipm11.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/ O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [AODAssist.exe] C:\Program Files\AMD\AMD OverDrive\AODAssist.exe O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Filter hijack: text/html - {6c221522-57c4-4b70-a55f-c656227342f2} - (no file) O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 8112 bytes
  4. hi jean, sorry for being such a pain in the butt and still a very very warm thank you for helping me out. i know about msconfig from the other computer and having problems when i 1st found malwarebytes(way back like 2 years ago). the "brask" has been unchecked all along in the startup section of it. what i was asking was---how do i delete it totaly out of there(like so i dont see it anymore?) occasionally i see i new icon down by the clock that i know isnt suppose to be there,thats when i goto msconfig and see whats goin on. as for that other stuff you wrote for me to do/try,i dont think im in that catagory,none of that crashing restarting stuff is happening to me,well it is but not in the sense your probaly thinking. it asks me to choose what operating i want to run,if i choose "xp settup"thats when it reboots,if i choose "xp home edition"it goes on fine. ive tried taking a screenshot of it but it wont take--dunno if its to early in the start process to let it-i dunno maybe. id swear it has somthing to do with the xp disc that i used to get things going again...like it didnt finish or something...maybe?(it never told me it was done or anything like that if any of this sounds familiar or you have no clue,do you know of anywhere i can look/search for answers.im getting nothing searching. thanks once again.
  5. so sorry jean,didnt see the very 1st line you wrote about taking it out of startup. i dont know how to do this.unless im mising somthing very simple... sry,im no good at doing the important stuff on the computer.
  6. thank you so much jean. what about the black startup screen? what about "brastk.exe"still being in the configuration startup page in msconfig? what are your thoughts on these questions? can you send me someplace to figure out how to 1)stop the start page thing 2)how to get rid of(delete) the brastk entry in the start up page in msconfig i know this might not be the proper place to ask but both of these problems are a result of being infected by the brastk thing im pretty sure. again thank you so much for all the help. just send an email stating what you think
  7. hi jean, i dont think its doing the safe mode thing,i payed attention tonite when i started. i t says"please select the operating system to start" "microsoft windows xp home edition" "microsoft windows xp setup" "use the up/down arrow keys to move the highlight to your choice" "press enter to choose" if i select setup it just keeps restarting and asking the same thing here,if i choose home edition it goes on as normal. think this has something to do with when i put the xp disc back in to get things goin again? thats when i started seeing this page. i did not see those 2 entries when i sent the log yesterday..hmmmm,so much for being comp. genius huh?...lol brastk.exe is still in the startup menu in msconfig page(still unchecked)..can we delete this after we're done?i dont like seeing it. i didnt have to reboot in normal as requested as i wasnt in safe mode but i did anyway for you. sry for the long write ups,just more info for you to tackle upon,please feel free to tell me to stop if this is a bad thing. well...here the logs u requested. cant thank you enough for looking into my situation. Malwarebytes' Anti-Malware 1.29 Database version: 1304 Windows 5.1.2600 Service Pack 2 10/21/2008 7:39:57 PM mbam-log-2008-10-21 (19-39-57).txt Scan type: Quick Scan Objects scanned: 47475 Time elapsed: 2 minute(s), 34 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:49:05 PM, on 10/21/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\WINDOWS\system32\hphmon04.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\a-squared Free\a2service.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\HPHipm11.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/ O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [AODAssist.exe] C:\Program Files\AMD\AMD OverDrive\AODAssist.exe O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 7663 bytes
  8. here you are...hope i did it right. i should also mention(which i forgot about before)..... when i turn my comp. on i get a screen asking somthing like "which way do u want to start windows",somthing like that i dont remember at the moment. its a black screen. i do remember that i have to choose "use xp home edition"for it start goin,otherwise it reboots again and asks the same.ill pay more attention to this the next time i turn it on. the panda scan says my norton is disabled...my norton says its working and im protected. which is right here?something is going on here obviously because i caught somthing. i also have that "brastk.exe" thingy in my startup(unchecked)in msconfig. thanks for attending to my issue. Malwarebytes' Anti-Malware 1.29 Database version: 1299 Windows 5.1.2600 Service Pack 2 10/20/2008 9:49:03 PM mbam-log-2008-10-20 (21-49-03).txt Scan type: Quick Scan Objects scanned: 47285 Time elapsed: 2 minute(s), 6 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ;******************************************************************************* ******************************************************************************** * ******************* ANALYSIS: 2008-10-20 22:24:31 PROTECTIONS: 2 MALWARE: 1 SUSPECTS: 0 ;******************************************************************************* ******************************************************************************** * ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================ = =================== Norton Antivirus Internet Security 2007 No Yes Norton 360 7.2.2.3 No No ;=============================================================================== ================================================================================ = =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================ = =================== 00005760 spyware/tooncom Spyware No 0 Yes No c:\documents and settings\owner\local settings\temp\loader.exe ;=============================================================================== ================================================================================ = =================== SUSPECTS Sent Location 7 ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== VULNERABILITIES Id Severity Description 7 ;=============================================================================== ================================================================================ = =================== 182048 HIGH MS07-069 7 182043 HIGH MS07-064 7 176382 HIGH MS07-057 7 170907 HIGH MS07-046 7 170906 HIGH MS07-045 7 170904 HIGH MS07-043 7 164913 HIGH MS07-033 7 160623 HIGH MS07-027 7 150253 HIGH MS07-016 7 141030 HIGH MS06-072 7 137568 HIGH MS06-067 7 133387 MEDIUM MS06-065 7 129976 MEDIUM MS06-052 7 126083 HIGH MS06-042 7 120814 HIGH MS06-021 7 114664 HIGH MS06-013 7 93394 HIGH MS05-050 7 ;=============================================================================== ================================================================================ = =================== Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:28:07 PM, on 10/20/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe C:\Program Files\a-squared Free\a2service.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\hphmon04.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\system32\HPHipm11.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/ O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [AODAssist.exe] C:\Program Files\AMD\AMD OverDrive\AODAssist.exe O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe (User 'Default user') O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 7818 bytes
  9. the site is just to overwhelming for me!! i want to read it all,only theres to much here and way interesting too!! i used the site in the past with great results by the staff. for that iam a life long member. i pop in from time to time(havent been in awhile--just started getting back to the computer thing a couple months ago) you guys are awsome in your advice to fix every 1's problems and for that i thank everybody involved! just wanted to give you guys a thumbs up for all the work you do. if i had to guess id say im pretty sure that-all the staff does some hardcore behind the scenes researching to get solutions for all us computer"dummys"(at least in my case)out here who just wanna turn the thing on and check some emails and do an occasional search of the internet. you guys are just amazing!!!
  10. dont know if this is the right place for this or not, i have a problem similar to user"chasechunt". my computer started goin nuts last night-anyways i traced it down to "brastk.exe" thingy...which from what i researched does things assciated with the xp-antispyware thingy. here are some symptoms ive encountered--- 1)xp-antispyware wanting to download 2)loss of ie home page(have since fixed----i think) 3)cannot load specific sites to counter act the problem 4)could not get into safe mode(in safe mode now from doing xp upgrade do over) 5)could not get sytem restore to work 6)also have 2nd computer on router which doesnt seem to hold a connection(dont know if this is pertaining to this issue) 7)total loss of norton 360 here is what i have done--- 1)ran avg,a-squared,and ad-aware scans and deleted everything found(1 scan told me missing xp files vital to runnin system) 2)norton now works(still blocks computer from updating from symantic) 3)now in safe mode and am able to acces your site for info 4)dl'd MB,Spybot S&D,CCleaner and ran it,current version of HJT(not to sure how to use all of them) 5)unchecked bristk.exe from startup menu dont know if the upgrade stuff helps once i leave safe mode or not. think that covers it all,ask questions and tell me what to do if im in the right place for this. sorry for the long write-up but felt you should know all the stuff about the problem and what i did. im not real computer savvy.had problems along time ago with the other computer and you guys fixed me up great---so im a dedicated follower of your great site. thank you in advance for any help---please help!! hardracer
  11. thanks rock for all the help.... i do already have ad-aware and spybot which i check for updates everyday.....kinda weird how ewido,ad-aware,spywareblaster,spybot s&d,and norton didnt catch those little pesky things that panda did catch.i do really like that atf cleaner--saves me a bunch of steps....i delete all that stuff every night also. well anyways i'll keep in touch.thanks a bunch again---u guys "ROCK"...LOL
  12. did what u said...they both were there hj log as follows Logfile of HijackThis v1.99.1 Scan saved at 6:12:07 PM, on 9/6/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\windows\system\hpsysdrv.exe C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\HP\KBD\KBD.EXE C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\WINDOWS\System32\wuauclt.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/channel/start R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] "C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  13. i have done the ewido scan prior to starting this topic....found nothing. did atf cleaner... dl'd and run panda scan..here is as follows...appears i have some things... thanks rock...i sure do appreciate this. Incident Status Location Adware:adware program Not disinfected c:\windows\system32\logs1.ini Adware:adware/searchaid Not disinfected c:\windows\n_boxzgd.dat Potentially unwanted tool:Application/HideWindow.A Not disinfected C:\hp\bin\FondleWindow.exe Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe Potentially unwanted tool:Application/KillApp.A Not disinfected C:\hp\bin\Terminator.exe
  14. hi guys, havent been here in awhile due to the fact that you guys fixed my computer so well.... anyways...i did a hijackthis log...could you guys take a peek and let me know if anything is out of the ordinary.computer(lately-last day or so) is showing alot of"NOT RESPONDING"messages..i know something is goin on here. thanks fellas, hard Logfile of HijackThis v1.99.1 Scan saved at 2:43:36 PM, on 9/4/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wuauclt.exe C:\windows\system\hpsysdrv.exe C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\HP\KBD\KBD.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/channel/start R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [sSC_UserPrompt] "C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  15. hey jw.. current log is as follows.. does this stuff change everyday? Logfile of HijackThis v1.99.1 Scan saved at 7:10:23 PM, on 2/14/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\System32\ctfmon.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.earthlink.net/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  16. hi jw! Heres the ab log...worked like a champ!...Tell me what you see.(cause i have no clue...lol) Wat does--"FWIW" stand for? Im begining to like what im seeing..thks man! Hard AboutBuster 6.01 Scan started on [2/13/2006] at [5:31:56 PM] ------------------------------------------------------------- Internet Explorer Instances Terminated! HomeSearch Service stopped if present ------------------------------------------------------------- Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:adcdxj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:aehvts Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:agftbl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ajhkhb Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:aknyxa Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:amdjcl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:aouvza Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:apwaaw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:arvvmn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:asewji Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:aslddm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:atevql Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:awfnvj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:axdvyb Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:aydqdl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ayqaua Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:azbntm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:benlle Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:bklncl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:bngszl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:btopib Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ciiaus Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:cjkxyh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ckfgwg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:clzaej Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:cqgnij Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:cqqban Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:cuxmwm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:cyvste Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:demiga Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dftgbp Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dgevok Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:diaxrv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dibiri Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:djfdt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:djwvyw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dlhnjh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dndemj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dnjsjq Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dozztj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dvlkuc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dwqxmq Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dzbacf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:dzogjl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ebsmji Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ehnejj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:enakby Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:eooqul Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ephrcn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:eraggb Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:eszoti Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:eujpxl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:eyonts Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ezgedl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ezztwy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fjckmv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fjxcfr Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fjzisw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:flvpuu Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fnfzjb Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fpcqqi Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fqqisu Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fxyunk Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fybzod Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:fzzykv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:geanqk Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ggbqob Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ghzcdh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:gmimdc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:gncdhf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:grehdd Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:gtmevk Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:gtujvf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:gvboij Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:gxtqid Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:gyyeyz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:hiperm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:hixxmy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:hkalh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:hlvewy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:hoduxl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:hvvhty Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ijbiij Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ilssdo Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:irjnyt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:irtpjk Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:itekgr Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:iuzmww Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ixllaj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:iyiazc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jabfzm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jatuow Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jekgeo Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jfdjuy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jhxvsh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jiifjh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jiwony Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jksyjl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jlvgrt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jpvioz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jwezww Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:jzdhj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kbbea Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kchxy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:khidxy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:khpjpl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kkoapx Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kkvate Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kozibz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kpfgvm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kqynyd Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kulbu Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kuteas Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:kvgcyf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lffotw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lfkgpn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lisxw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ljfkod Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lknrzs Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lmywa Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lnlzkz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lnotyg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lnvkab Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lprqv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lszrvo Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ltbkz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lvpgnf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lxyfqq Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lywaob Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lzgoun Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:lzoarg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mahzhx Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mcwnlr Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mdxgyg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:miuapr Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mmhwho Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mnqep Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mprdvg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mtcbzl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:muohe Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mxxzlm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mynqab Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:myswi Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:myvizi Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:mzljlw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:naydpr Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:nczsz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:neynu Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:nogjtx Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:npxvyj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:nslhg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:nstloa Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ntbwav Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:nteska Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:nuibfz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:nwsapg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:nxjuus Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:oetjqa Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:offrww Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ohbmkt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ohhpjw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ohndgk Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ohwzpc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ojccu Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:olinh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:omphjz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:onscy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ooohp Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:opsmvt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:osbtk Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:osetzs Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ovvpll Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:owakgt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:owkha Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:owurav Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pabcuy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pajory Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:phriqy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:piesko Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pjcobn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pkfdih Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pkpbuc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pnbjnn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pncxhf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:polpdb Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pphogk Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pspvec Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ptgzbt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pwaxgy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pxyvwr Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:pzllcq Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qbyti Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qhsoy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qlaidl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qlambd Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qloizq Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qoldnb Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qoxnj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qrfkkp Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qrttog Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:quchzt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qyddn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qynhg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:qzqjhg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:rdpmkq Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:rglfaw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:rhmjkv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:rjcnzt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:rmpaco Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:rnsjv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:roddmo Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:rxsawj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:rytzbo Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ryvovl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:sbmjxl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:sdlwe Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:shpyvw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:sjibei Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:smsmqp Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:smyavd Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:snodhx Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:sondaj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:spmbtc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:stizgp Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:sttoa Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:suuev Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:sxqqgk Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:sxyspt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tcfmpv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tcjme Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tdetev Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:teabvd Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tehtrc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:teyrfo Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:thokgn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tlprne Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tpcifh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:trttnp Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tuxalv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:twnawo Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:txlvxx Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:txmmhr Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:txvlgz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:txysm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tywial Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:tzwvxw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ublkbw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ubmhrg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ucigbt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ugwowa Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:uhzzpi Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:uiyblm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ujbuup Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ukccaj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:unnao Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:uocqe Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:uycqo Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:uzoyng Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vabjas Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vacmb Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vdihoi Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:veieoq Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vmjwox Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vnoezm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vqbxhq Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vqgeag Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vrbgux Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vrizkz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vrlgxh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vsirj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:vsjqyl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wasyqi Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wbtxp Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wgmlvz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wguxma Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wgzdwn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:whmmqd Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wigjlt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wkflme Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wqjqml Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wssmil Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wtrtnt Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wuccrb Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:wzbkg Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xasmmx Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xdlrxf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xkuxgf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xlgvoe Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xoxmdl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xpaxwp Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xptxl Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xqvwst Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xrhtwu Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xteck Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xtwtzj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xzakhz Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:xzrpf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ycwgig Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yeahng Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yftskv Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yhtdql Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yjsnug Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ykhhht Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ylnmr Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ymeoxi Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ypkcpj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ypvtms Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yqmfqn Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yrnluh Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yulcf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yvlucu Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yxblzd Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:yyxwnw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zaajy Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zbwfc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zcgixc Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zdepm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zikifj Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:ziqvcx Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zlexiw Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:znszfm Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zonqch Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zsehf Removed Stream! C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:zsqmef ------------------------------------------------------------- Removed File! : C:\WINDOWS\addcp.exe Removed File! : C:\WINDOWS\addhn.dll Removed File! : C:\WINDOWS\addnf32.exe Removed File! : C:\WINDOWS\addpa32.exe Removed File! : C:\WINDOWS\addvj32.exe Removed File! : C:\WINDOWS\addwo32.exe Removed File! : C:\WINDOWS\addxk32.exe Removed File! : C:\WINDOWS\addxw32.exe Removed File! : C:\WINDOWS\addzp.exe Removed File! : C:\WINDOWS\alsow.log Removed File! : C:\WINDOWS\ambjl.txt Removed File! : C:\WINDOWS\apiej32.exe Removed File! : C:\WINDOWS\apifn.exe Removed File! : C:\WINDOWS\apiik.exe Removed File! : C:\WINDOWS\apijo32.exe Removed File! : C:\WINDOWS\apioq.exe Removed File! : C:\WINDOWS\apira32.exe Removed File! : C:\WINDOWS\apisd32.exe Removed File! : C:\WINDOWS\apivi.exe Removed File! : C:\WINDOWS\apixj32.exe Removed File! : C:\WINDOWS\appjg.exe Removed File! : C:\WINDOWS\appmh.exe Removed File! : C:\WINDOWS\appqj32.exe Removed File! : C:\WINDOWS\arvxz.log Removed File! : C:\WINDOWS\asldd.log Removed File! : C:\WINDOWS\atlgc32.exe Removed File! : C:\WINDOWS\atlir32.exe Removed File! : C:\WINDOWS\atlkb32.dll Removed File! : C:\WINDOWS\atlwk32.exe Removed File! : C:\WINDOWS\atlzb32.exe Removed File! : C:\WINDOWS\atlzn.exe Removed File! : C:\WINDOWS\atlzt32.exe Removed File! : C:\WINDOWS\avedq.log Removed File! : C:\WINDOWS\azcvv.txt Removed File! : C:\WINDOWS\baoox.log Removed File! : C:\WINDOWS\bgfsd.log Removed File! : C:\WINDOWS\bklnc.txt Removed File! : C:\WINDOWS\bsdvo.txt Removed File! : C:\WINDOWS\btqdh.dat Removed File! : C:\WINDOWS\cbcfs.dat Removed File! : C:\WINDOWS\cbqua.txt Removed File! : C:\WINDOWS\ceonp.txt Removed File! : C:\WINDOWS\chjps.txt Removed File! : C:\WINDOWS\crbo32.exe Removed File! : C:\WINDOWS\crem32.exe Removed File! : C:\WINDOWS\crsg32.dll Removed File! : C:\WINDOWS\crxb.exe Removed File! : C:\WINDOWS\crxd32.exe Removed File! : C:\WINDOWS\cuxmw.txt Removed File! : C:\WINDOWS\cwqci.dat Removed File! : C:\WINDOWS\cwqhs.log Removed File! : C:\WINDOWS\d3fb.exe Removed File! : C:\WINDOWS\d3fh32.exe Removed File! : C:\WINDOWS\d3gn32.exe Removed File! : C:\WINDOWS\d3hx32.exe Removed File! : C:\WINDOWS\d3lh.dll Removed File! : C:\WINDOWS\d3mw32.exe Removed File! : C:\WINDOWS\d3sf32.exe Removed File! : C:\WINDOWS\d3tg32.dll Removed File! : C:\WINDOWS\daxgv.txt Removed File! : C:\WINDOWS\dftgb.dat Removed File! : C:\WINDOWS\ebjbi.txt Removed File! : C:\WINDOWS\eehlb.dat Removed File! : C:\WINDOWS\egwme.dat Removed File! : C:\WINDOWS\ejmfs.log Removed File! : C:\WINDOWS\eoscs.txt Removed File! : C:\WINDOWS\eouay.dat Removed File! : C:\WINDOWS\etrvp.txt Removed File! : C:\WINDOWS\eujmn.log Removed File! : C:\WINDOWS\eyyky.txt Removed File! : C:\WINDOWS\eyzeq.txt Removed File! : C:\WINDOWS\ffgxx.log Removed File! : C:\WINDOWS\fwpqu.txt Removed File! : C:\WINDOWS\fyggf.txt Removed File! : C:\WINDOWS\gcsvl.dat Removed File! : C:\WINDOWS\gehpa.txt Removed File! : C:\WINDOWS\ggupb.txt Removed File! : C:\WINDOWS\gjaol.dat Removed File! : C:\WINDOWS\hhvvy.dat Removed File! : C:\WINDOWS\hhylu.log Removed File! : C:\WINDOWS\hinai.txt Removed File! : C:\WINDOWS\holul.log Removed File! : C:\WINDOWS\hoopf.txt Removed File! : C:\WINDOWS\hqtls.txt Removed File! : C:\WINDOWS\ibuio.dat Removed File! : C:\WINDOWS\ielj.exe Removed File! : C:\WINDOWS\ielo.exe Removed File! : C:\WINDOWS\iemi.dll Removed File! : C:\WINDOWS\ieqh.exe Removed File! : C:\WINDOWS\iery32.exe Removed File! : C:\WINDOWS\iezd.exe Removed File! : C:\WINDOWS\ikljt.log Removed File! : C:\WINDOWS\ilxic.txt Removed File! : C:\WINDOWS\ipay.exe Removed File! : C:\WINDOWS\ipcl32.exe Removed File! : C:\WINDOWS\ipin.dll Removed File! : C:\WINDOWS\ipnf.exe Removed File! : C:\WINDOWS\ipwp.exe Removed File! : C:\WINDOWS\ipya32.exe Removed File! : C:\WINDOWS\ipzm.dll Removed File! : C:\WINDOWS\javaan32.exe Removed File! : C:\WINDOWS\javaaz.exe Removed File! : C:\WINDOWS\javajv32.exe Removed File! : C:\WINDOWS\javamy.exe Removed File! : C:\WINDOWS\javaou32.exe Removed File! : C:\WINDOWS\javawo.dll Removed File! : C:\WINDOWS\jllzh.dat Removed File! : C:\WINDOWS\jvesb.dat Removed File! : C:\WINDOWS\kejrq.log Removed File! : C:\WINDOWS\kgeui.dat Removed File! : C:\WINDOWS\kobdu.dat Removed File! : C:\WINDOWS\liosc.log Removed File! : C:\WINDOWS\lomoo.dat Removed File! : C:\WINDOWS\ltpna.txt Removed File! : C:\WINDOWS\lvpgn.log Removed File! : C:\WINDOWS\mfcdu.exe Removed File! : C:\WINDOWS\mfcip.exe Removed File! : C:\WINDOWS\mfcjk32.dll Removed File! : C:\WINDOWS\mfcnh32.exe Removed File! : C:\WINDOWS\mfczz.exe Removed File! : C:\WINDOWS\msbr.exe Removed File! : C:\WINDOWS\mskm32.exe Removed File! : C:\WINDOWS\msof32.exe Removed File! : C:\WINDOWS\msuf.exe Removed File! : C:\WINDOWS\msvq32.exe Removed File! : C:\WINDOWS\netht32.dll Removed File! : C:\WINDOWS\netjb32.exe Removed File! : C:\WINDOWS\netke32.exe Removed File! : C:\WINDOWS\netkv32.exe Removed File! : C:\WINDOWS\netsc32.exe Removed File! : C:\WINDOWS\netvz32.exe Removed File! : C:\WINDOWS\ntbu.exe Removed File! : C:\WINDOWS\nthi.exe Removed File! : C:\WINDOWS\ntqg.exe Removed File! : C:\WINDOWS\ntsy.dll Removed File! : C:\WINDOWS\nttz32.exe Removed File! : C:\WINDOWS\ntzu32.dll Removed File! : C:\WINDOWS\nxjuu.log Removed File! : C:\WINDOWS\n_gxuetw.dat Removed File! : C:\WINDOWS\n_uyefsi.log Removed File! : C:\WINDOWS\n_yexyzv.dat Removed File! : C:\WINDOWS\odidi.dat Removed File! : C:\WINDOWS\ogdxf.txt Removed File! : C:\WINDOWS\oiimf.log Removed File! : C:\WINDOWS\onyzt.txt Removed File! : C:\WINDOWS\osfse.log Removed File! : C:\WINDOWS\otryf.txt Removed File! : C:\WINDOWS\pbodp.log Removed File! : C:\WINDOWS\ppsfc.log Removed File! : C:\WINDOWS\pvkeb.dat Removed File! : C:\WINDOWS\pztdm.dat Removed File! : C:\WINDOWS\qbhok.dat Removed File! : C:\WINDOWS\qmwcj.txt Removed File! : C:\WINDOWS\qmyar.txt Removed File! : C:\WINDOWS\qrris.dat Removed File! : C:\WINDOWS\qxkul.txt Removed File! : C:\WINDOWS\qzqjh.dat Removed File! : C:\WINDOWS\rcdct.txt Removed File! : C:\WINDOWS\retvz.log Removed File! : C:\WINDOWS\rujos.txt Removed File! : C:\WINDOWS\rvnwv.dat Removed File! : C:\WINDOWS\sarln.dat Removed File! : C:\WINDOWS\scznl.log Removed File! : C:\WINDOWS\sdknf32.dll Removed File! : C:\WINDOWS\sdkql32.dll Removed File! : C:\WINDOWS\sdkqq.exe Removed File! : C:\WINDOWS\sdkrt32.dll Removed File! : C:\WINDOWS\sdktj32.exe Removed File! : C:\WINDOWS\sdktt32.exe Removed File! : C:\WINDOWS\sdkup32.exe Removed File! : C:\WINDOWS\siouo.txt Removed File! : C:\WINDOWS\srhzk.log Removed File! : C:\WINDOWS\stpbl.log Removed File! : C:\WINDOWS\synfa.txt Removed File! : C:\WINDOWS\sysac.exe Removed File! : C:\WINDOWS\sysio32.exe Removed File! : C:\WINDOWS\sysju32.exe Removed File! : C:\WINDOWS\syslo.dll Removed File! : C:\WINDOWS\sysrw.exe Removed File! : C:\WINDOWS\tcfos.dat Removed File! : C:\WINDOWS\thjnv.log Removed File! : C:\WINDOWS\thokg.log Removed File! : C:\WINDOWS\ucslj.txt Removed File! : C:\WINDOWS\ugkxz.dat Removed File! : C:\WINDOWS\ugwow.log Removed File! : C:\WINDOWS\uinds.log Removed File! : C:\WINDOWS\uroyh.dat Removed File! : C:\WINDOWS\vaidq.dat Removed File! : C:\WINDOWS\vdgno.txt Removed File! : C:\WINDOWS\vjago.dat Removed File! : C:\WINDOWS\vkbnv.dat Removed File! : C:\WINDOWS\vktbk.log Removed File! : C:\WINDOWS\vmhvs.dat Removed File! : C:\WINDOWS\vpevq.log Removed File! : C:\WINDOWS\vvkzc.log Removed File! : C:\WINDOWS\vxulq.txt Removed File! : C:\WINDOWS\winac.exe Removed File! : C:\WINDOWS\wingf32.exe Removed File! : C:\WINDOWS\winvf32.exe Removed File! : C:\WINDOWS\winvh.exe Removed File! : C:\WINDOWS\wmjvc.log Removed File! : C:\WINDOWS\wtrtn.txt Removed File! : C:\WINDOWS\xleqk.dat Removed File! : C:\WINDOWS\xpgcc.txt Removed File! : C:\WINDOWS\xtqvm.txt Removed File! : C:\WINDOWS\xukwg.log Removed File! : C:\WINDOWS\ybvvh.dat Removed File! : C:\WINDOWS\yqmfq.txt Removed File! : C:\WINDOWS\yqqbu.log Removed File! : C:\WINDOWS\ywoji.txt Removed File! : C:\WINDOWS\zdhjy.dat Removed File! : C:\WINDOWS\zjlkv.log Removed File! : C:\WINDOWS\zklfb.txt Removed File! : C:\WINDOWS\zvfzy.dat Removed File! : C:\WINDOWS\zxgps.txt Removed File! : C:\WINDOWS\zxjio.txt Removed File! : C:\WINDOWS\zxmxh.txt Removed File! : C:\WINDOWS\zzghb.txt Removed File! : C:\WINDOWS\System32\addad32.exe Removed File! : C:\WINDOWS\System32\addnb32.exe Removed File! : C:\WINDOWS\System32\addpo32.exe Removed File! : C:\WINDOWS\System32\addwu32.exe Removed File! : C:\WINDOWS\System32\addxt.exe Removed File! : C:\WINDOWS\System32\aiskd.log Removed File! : C:\WINDOWS\System32\apifb.exe Removed File! : C:\WINDOWS\System32\apifd.exe Removed File! : C:\WINDOWS\System32\apihd.exe Removed File! : C:\WINDOWS\System32\apips.dll Removed File! : C:\WINDOWS\System32\apiqz.exe Removed File! : C:\WINDOWS\System32\apitc32.exe Removed File! : C:\WINDOWS\System32\apiyh.dll Removed File! : C:\WINDOWS\System32\appfc32.exe Removed File! : C:\WINDOWS\System32\appfo.exe Removed File! : C:\WINDOWS\System32\appmq32.exe Removed File! : C:\WINDOWS\System32\appmt.exe Removed File! : C:\WINDOWS\System32\apprx.exe Removed File! : C:\WINDOWS\System32\appsl32.exe Removed File! : C:\WINDOWS\System32\appyb32.exe Removed File! : C:\WINDOWS\System32\aqeby.txt Removed File! : C:\WINDOWS\System32\aromq.log Removed File! : C:\WINDOWS\System32\arvvm.dat Removed File! : C:\WINDOWS\System32\atlee.exe Removed File! : C:\WINDOWS\System32\atlfa32.exe Removed File! : C:\WINDOWS\System32\atljb32.exe Removed File! : C:\WINDOWS\System32\atloe.exe Removed File! : C:\WINDOWS\System32\atlva32.exe Removed File! : C:\WINDOWS\System32\atlye.exe Removed File! : C:\WINDOWS\System32\boeag.txt Removed File! : C:\WINDOWS\System32\bqscv.txt Removed File! : C:\WINDOWS\System32\bunay.dat Removed File! : C:\WINDOWS\System32\cgoso.log Removed File! : C:\WINDOWS\System32\cimcm.txt Removed File! : C:\WINDOWS\System32\cjkxy.dat Removed File! : C:\WINDOWS\System32\cqgni.log Removed File! : C:\WINDOWS\System32\crcj.exe Removed File! : C:\WINDOWS\System32\crgu32.exe Removed File! : C:\WINDOWS\System32\crif.exe Removed File! : C:\WINDOWS\System32\crlf32.exe Removed File! : C:\WINDOWS\System32\crmi.exe Removed File! : C:\WINDOWS\System32\crqe32.dll Removed File! : C:\WINDOWS\System32\crqt.exe Removed File! : C:\WINDOWS\System32\crrg.exe Removed File! : C:\WINDOWS\System32\cruv32.dll Removed File! : C:\WINDOWS\System32\crzl.exe Removed File! : C:\WINDOWS\System32\crzr32.exe Removed File! : C:\WINDOWS\System32\cyvst.dat Removed File! : C:\WINDOWS\System32\cztbv.dat Removed File! : C:\WINDOWS\System32\d3cq.exe Removed File! : C:\WINDOWS\System32\d3dk.exe Removed File! : C:\WINDOWS\System32\d3fo32.exe Removed File! : C:\WINDOWS\System32\d3ge32.exe Removed File! : C:\WINDOWS\System32\dbudj.log Removed File! : C:\WINDOWS\System32\degbq.dat Removed File! : C:\WINDOWS\System32\dibir.dat Removed File! : C:\WINDOWS\System32\dnvgs.txt Removed File! : C:\WINDOWS\System32\drcaq.log Removed File! : C:\WINDOWS\System32\dtskg.txt Removed File! : C:\WINDOWS\System32\euufv.log Removed File! : C:\WINDOWS\System32\euwvh.log Removed File! : C:\WINDOWS\System32\fibqt.txt Removed File! : C:\WINDOWS\System32\fjckm.log Removed File! : C:\WINDOWS\System32\fjlyd.txt Removed File! : C:\WINDOWS\System32\fjqnp.log Removed File! : C:\WINDOWS\System32\fkclh.log Removed File! : C:\WINDOWS\System32\fmikp.dat Removed File! : C:\WINDOWS\System32\fzkra.txt Removed File! : C:\WINDOWS\System32\gdild.dat Removed File! : C:\WINDOWS\System32\geqba.log Removed File! : C:\WINDOWS\System32\gjfnj.dat Removed File! : C:\WINDOWS\System32\hbzkx.log Removed File! : C:\WINDOWS\System32\hvtfj.dat Removed File! : C:\WINDOWS\System32\hwdrt.dat Removed File! : C:\WINDOWS\System32\hwmko.log Removed File! : C:\WINDOWS\System32\hwmxk.txt Removed File! : C:\WINDOWS\System32\hzeiq.dat Removed File! : C:\WINDOWS\System32\ibvco.dat Removed File! : C:\WINDOWS\System32\icwgs.dat Removed File! : C:\WINDOWS\System32\iecm.dll Removed File! : C:\WINDOWS\System32\iegr32.exe Removed File! : C:\WINDOWS\System32\ieit.exe Removed File! : C:\WINDOWS\System32\iemi.exe Removed File! : C:\WINDOWS\System32\ienn32.exe Removed File! : C:\WINDOWS\System32\ipiu32.exe Removed File! : C:\WINDOWS\System32\ipjd32.exe Removed File! : C:\WINDOWS\System32\iprl32.dll Removed File! : C:\WINDOWS\System32\ipvj.exe Removed File! : C:\WINDOWS\System32\irjny.dat Removed File! : C:\WINDOWS\System32\javacp.exe Removed File! : C:\WINDOWS\System32\javaps32.exe Removed File! : C:\WINDOWS\System32\javayy.exe Removed File! : C:\WINDOWS\System32\jephl.dat Removed File! : C:\WINDOWS\System32\jpaac.dat Removed File! : C:\WINDOWS\System32\kdviv.txt Removed File! : C:\WINDOWS\System32\kipns.txt Removed File! : C:\WINDOWS\System32\kkekv.txt Removed File! : C:\WINDOWS\System32\kkpbr.txt Removed File! : C:\WINDOWS\System32\kowyf.dat Removed File! : C:\WINDOWS\System32\kyiim.txt Removed File! : C:\WINDOWS\System32\kyvlu.txt Removed File! : C:\WINDOWS\System32\kziou.txt Removed File! : C:\WINDOWS\System32\ldezv.log Removed File! : C:\WINDOWS\System32\lhmdj.txt Removed File! : C:\WINDOWS\System32\lvraf.log Removed File! : C:\WINDOWS\System32\mapzx.dat Removed File! : C:\WINDOWS\System32\mfcbh.exe Removed File! : C:\WINDOWS\System32\mfcbw.exe Removed File! : C:\WINDOWS\System32\mfcma32.dll Removed File! : C:\WINDOWS\System32\mfcsn.exe Removed File! : C:\WINDOWS\System32\mfcxw.exe Removed File! : C:\WINDOWS\System32\mskq.dll Removed File! : C:\WINDOWS\System32\msta.exe Removed File! : C:\WINDOWS\System32\msui.exe Removed File! : C:\WINDOWS\System32\msvd.exe Removed File! : C:\WINDOWS\System32\msxp32.exe Removed File! : C:\WINDOWS\System32\mtool.dat Removed File! : C:\WINDOWS\System32\muqux.dat Removed File! : C:\WINDOWS\System32\muxll.log Removed File! : C:\WINDOWS\System32\narcl.txt Removed File! : C:\WINDOWS\System32\netdw32.exe Removed File! : C:\WINDOWS\System32\neteu32.exe Removed File! : C:\WINDOWS\System32\nethw.exe Removed File! : C:\WINDOWS\System32\netiu32.exe Removed File! : C:\WINDOWS\System32\netlj32.exe Removed File! : C:\WINDOWS\System32\netzk32.exe Removed File! : C:\WINDOWS\System32\nfrgm.txt Removed File! : C:\WINDOWS\System32\nqbue.log Removed File! : C:\WINDOWS\System32\ntcd.dll Removed File! : C:\WINDOWS\System32\ntemk.dat Removed File! : C:\WINDOWS\System32\ntev32.exe Removed File! : C:\WINDOWS\System32\ntgj.exe Removed File! : C:\WINDOWS\System32\ntnr.dll Removed File! : C:\WINDOWS\System32\ntuh32.exe Removed File! : C:\WINDOWS\System32\ntus32.exe Removed File! : C:\WINDOWS\System32\octoc.log Removed File! : C:\WINDOWS\System32\offrw.dat Removed File! : C:\WINDOWS\System32\ohoeg.txt Removed File! : C:\WINDOWS\System32\oogro.txt Removed File! : C:\WINDOWS\System32\owdew.log Removed File! : C:\WINDOWS\System32\oygxw.txt Removed File! : C:\WINDOWS\System32\oyjks.log Removed File! : C:\WINDOWS\System32\pbasu.log Removed File! : C:\WINDOWS\System32\pfiuc.txt Removed File! : C:\WINDOWS\System32\pioxk.dat Removed File! : C:\WINDOWS\System32\plylw.dat Removed File! : C:\WINDOWS\System32\pwjud.txt Removed File! : C:\WINDOWS\System32\pwvkc.txt Removed File! : C:\WINDOWS\System32\qeecy.txt Removed File! : C:\WINDOWS\System32\qlned.txt Removed File! : C:\WINDOWS\System32\qotjb.txt Removed File! : C:\WINDOWS\System32\quidb.txt Removed File! : C:\WINDOWS\System32\qwexs.log Removed File! : C:\WINDOWS\System32\qzjqb.txt Removed File! : C:\WINDOWS\System32\rbsyz.txt Removed File! : C:\WINDOWS\System32\rngew.txt Removed File! : C:\WINDOWS\System32\rxsaw.txt Removed File! : C:\WINDOWS\System32\sdkhq32.dll Removed File! : C:\WINDOWS\System32\sdkjh.exe Removed File! : C:\WINDOWS\System32\sdksu.exe Removed File! : C:\WINDOWS\System32\sdktl.exe Removed File! : C:\WINDOWS\System32\sdkwa.exe Removed File! : C:\WINDOWS\System32\sdkww.dll Removed File! : C:\WINDOWS\System32\sdkye32.exe Removed File! : C:\WINDOWS\System32\shpyv.txt Removed File! : C:\WINDOWS\System32\sjbeq.log Removed File! : C:\WINDOWS\System32\skkvi.dat Removed File! : C:\WINDOWS\System32\sqrzt.dat Removed File! : C:\WINDOWS\System32\syseb.exe Removed File! : C:\WINDOWS\System32\sysky32.exe Removed File! : C:\WINDOWS\System32\syslv32.exe Removed File! : C:\WINDOWS\System32\sysnk.exe Removed File! : C:\WINDOWS\System32\syssk.exe Removed File! : C:\WINDOWS\System32\systf32.exe Removed File! : C:\WINDOWS\System32\systh32.exe Removed File! : C:\WINDOWS\System32\systs32.exe Removed File! : C:\WINDOWS\System32\systu.exe Removed File! : C:\WINDOWS\System32\sysye.exe Removed File! : C:\WINDOWS\System32\szawc.txt Removed File! : C:\WINDOWS\System32\tgzaw.dat Removed File! : C:\WINDOWS\System32\tkvfv.dat Removed File! : C:\WINDOWS\System32\tnpsv.log Removed File! : C:\WINDOWS\System32\ubmzf.dat Removed File! : C:\WINDOWS\System32\uddma.log Removed File! : C:\WINDOWS\System32\ugsai.dat Removed File! : C:\WINDOWS\System32\umpre.dat Removed File! : C:\WINDOWS\System32\urcnr.dat Removed File! : C:\WINDOWS\System32\urdly.dat Removed File! : C:\WINDOWS\System32\uubog.dat Removed File! : C:\WINDOWS\System32\uwfmr.dat Removed File! : C:\WINDOWS\System32\vgmjm.log Removed File! : C:\WINDOWS\System32\vhhme.dat Removed File! : C:\WINDOWS\System32\vmgtz.log Removed File! : C:\WINDOWS\System32\vmqef.dat Removed File! : C:\WINDOWS\System32\vrege.dat Removed File! : C:\WINDOWS\System32\vtwut.dat Removed File! : C:\WINDOWS\System32\winha32.exe Removed File! : C:\WINDOWS\System32\winhm.exe Removed File! : C:\WINDOWS\System32\winiy.exe Removed File! : C:\WINDOWS\System32\winlp32.exe Removed File! : C:\WINDOWS\System32\winml.exe Removed File! : C:\WINDOWS\System32\winys.exe Removed File! : C:\WINDOWS\System32\winzq32.exe Removed File! : C:\WINDOWS\System32\woqse.dat Removed File! : C:\WINDOWS\System32\wsaro.dat Removed File! : C:\WINDOWS\System32\wxbsr.txt Removed File! : C:\WINDOWS\System32\xdlre.txt Removed File! : C:\WINDOWS\System32\xgycz.log Removed File! : C:\WINDOWS\System32\xlqqp.log Removed File! : C:\WINDOWS\System32\xqzad.dat Removed File! : C:\WINDOWS\System32\xucfi.log Removed File! : C:\WINDOWS\System32\xyfhs.log Removed File! : C:\WINDOWS\System32\xzakh.log Removed File! : C:\WINDOWS\System32\yaihl.txt Removed File! : C:\WINDOWS\System32\ydwuh.log Removed File! : C:\WINDOWS\System32\yvpfh.dat Removed File! : C:\WINDOWS\System32\zckpz.log Removed File! : C:\WINDOWS\System32\zgbrp.txt Removed File! : C:\WINDOWS\System32\zjrpc.txt Removed File! : C:\WINDOWS\System32\znysx.dat ------------------------------------------------------------- Removed Temp Files Internet Explorer Settings Reset! ------------------------------------------------------------- Scan was COMPLETED SUCCESSFULLY at 5:38:46 PM
  17. hi jw! i did wat u said about doing the system restore...but....about blaster still shows (run-time error "6") message...wont run.i ran an ewido and hjt scan again---(didnt like what i was seeing as i turned on the comp today)----(kinda slow) ewido showed 30 somthing infections again(all cws)says it cleaned them with backups.i cant find where this backup folder is to delete them again. i went to do a kaspersky scan again and it seemed like the comp just froze up---so i quit.(i will do it again though). how does this crap keep getting into my system? i need this stuff to cease..as it really irritates me to no end.i got other questions but ill do them in an email. anyways ill post what i got.-----thks man! hard Logfile of HijackThis v1.99.1 Scan saved at 1:22:31 PM, on 2/12/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\System32\ctfmon.exe C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Norton AntiVirus\navapsvc.exe c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\WINDOWS\explorer.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 2:32:16 PM, 2/12/2006 + Report-Checksum: 79C05A84 + Scan result: HKLM\SOFTWARE\Classes\CLSID\{11B2E5EC-FEC2-6294-86A4-95682319ABD2} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{11B80E45-BEC0-8756-1DFA-87AE79FA25EC} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{28A9AC69-9562-7657-FFA5-4E4541172B83} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{2CA0CAD1-B247-07AB-7C43-FD61C655D5E2} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{2D8F6DAA-6B2C-D070-B2CB-029A9926F9E4} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{461C9660-1084-FA67-7AF6-27FEB941E6E8} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4F766EC4-211C-AC42-9FA4-99E5B875A4CF} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{538D316B-A3A2-1200-EE47-1BEF8BCDD755} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{55C8C6D7-0FC7-6CAC-AA38-69CB63141D4E} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{57C0C13E-E95C-411D-BCD9-A537E6B2AA24} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{5ED0322D-E61A-0915-184A-5DEFC6990411} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{696F735F-7662-8432-DD3E-DAA24E182345} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{6D782F8C-5DE2-3548-935C-FEBC16AA150D} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{6E3BDCC0-A228-DCB8-7E88-ECF18F0D9B1C} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{7204E2C9-DF95-CE70-794E-1F3F2AD1DE08} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{825929FA-938D-0933-A4AB-393513D1CAF5} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{87993483-A3AD-794F-F265-DD005BD9116B} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{95A3F09B-4262-4283-DBCC-7F94A44A9BA9} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{983D1105-2366-D1D5-E5DA-05F4CC5CDA8E} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{99F991F4-B99D-9CF6-C0E1-008449A5E64C} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{A6BCE966-302E-BD8D-25BA-12F8C7148266} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{AB8477A9-6521-5711-E5B4-DF3AC41BCC8E} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{BFB065A2-4F3C-61BB-4A5B-FA6D452D3EAC} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{C2D3D802-55DE-AF83-8D28-DCB9E085F258} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{D0F03457-32E5-5715-6CDD-72C94F05ABBE} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{D6EF05C6-13C4-35B7-58BF-46C5B6FB102B} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{D89FEB47-489B-5DB5-8F56-21233C5B92D4} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{F710B350-342B-CDD4-0BB3-EFD563F6AFF2} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{F76604BF-96C5-81C9-07E5-094D1BB88043} -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{FF394C8B-7899-97DB-8475-1BD5A14319C2} -> Adware.CoolWebSearch : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:hyhws -> Downloader.Agent.td : Cleaned with backup ::Report End
  18. ok jw---did wat u said,kinda difficult for me but i did it...ya and heres the hjt log just afterwards..certainly much shorter than the original huh...lol had my wife send off the donation today(ill send more when its all fixed up)..ur doin a super job...thks man--ur guys site rocks! hard Logfile of HijackThis v1.99.1 Scan saved at 6:07:17 PM, on 2/9/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\System32\ctfmon.exe C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\WINDOWS\System32\javaw.exe C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe C:\Program Files\Norton AntiVirus\navapsvc.exe c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kav...can_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  19. you were right jw,kaspersky is a great program and no email like ya said. kas scan did show some more stuff in my comp.its huge quick question tho:how come norton didnt detect any of the stuff that i've encountered on my comp? heres the scan results(if i do it right--really no good at this stuff) thanks again man! hardracer
  20. here is my hjt log....i didnt do the activescan..cause i dont particularly like that product and i dont like giving out my email all that much.isnt ewido doing the same thing? i got the ball rolling on the donation already also.computer seems to be runnin in top shape again now. the rpc helper was already disable it said,and when i went to do what u said about removing an "nt"service" it said it couldnt find it in the registry..is this alreday gone? i still cant thank you enough for getting my comp back up to par..thank you so much hardracer Logfile of HijackThis v1.99.1 Scan saved at 12:46:44 PM, on 2/4/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\System32\ctfmon.exe C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\WINDOWS\System32\rsvp.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  21. hjt log....Will try the ewido log next time...Thks man!...so far you guys are simply awsome. Do you have an answer on the donating question previously asked? hardracer Logfile of HijackThis v1.99.1 Scan saved at 12:45:05 AM, on 1/31/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Owner\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: Class - {4E427CC3-007C-CF57-560B-01C45449CF0D} - C:\WINDOWS\system32\ntxq.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab'>http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Remote Procedure Call (RPC) Helper ( 11F
  22. hey jw....i tried to send the posts but they were to big apparently--i dont know what to do so i'll send it in 2 parts if i can... also...there was 1 thing on the list you gave me that wasnt there to check. "04-HKLM\..Run:[winwx.exe]C:WINDOWS\system32\winwx.exe" hope thats a good thing. ( part 1 ) --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 12:38:41 AM, 1/31/2006 + Report-Checksum: 140791F + Scan result: HKLM\SOFTWARE\Classes\CLSID\{01198741-DBE0-E6F4-9DBE-877B61FB1D1D} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{03BFEDA6-8678-C773-5452-E7082FCA1BD7} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{0B936818-A83D-004A-625A-757B4D758CC6} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{0E37D9E0-99E3-DA14-3197-60132338963E} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{1323178D-09E3-B628-CC3A-95630B64B7DA} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{1486290A-90C1-388F-ADC8-6BFAA6B057E8} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{1E920882-80EF-BD61-DBBD-0847C13D1197} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{22E7067A-283F-CF1C-4373-210A97C38BDB} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{30C5202D-2CDD-8C6D-6CD3-86CBAC73988B} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4904C579-9366-3B77-3148-9401DBD4A5AA} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4A210C09-C3AE-D36C-3EC5-0D7723985463} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{4A5DA6C7-CAFA-ADBE-1CBD-9DB325C4EB88} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{5345A51F-E5D0-5A0D-1418-A1C95C417E3C} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{65D75D06-7395-6352-09CD-E13B9059EFE9} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{786A41BB-009D-DD27-EA3E-15DCD01EC75C} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{792A038A-9C16-9885-5B25-CE939788172A} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{792E2C95-AEBD-D9B8-E958-AD1BB5A3D9BA} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{8669ABB2-7410-3460-F449-E119DCA24CC4} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{8D01C3C9-547A-12EE-5401-4B29F8F98176} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{8E183E4D-1A0C-3195-3741-BBEABE2CBCD0} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{932ECF21-1DCB-F962-4C70-56830E2BD255} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{99B1E639-DCA2-2C21-013F-DEF4B5729CA9} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{9EDC0D8F-954E-A638-C240-D52042910A62} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{A01394EE-8B14-B1D4-AE65-22E7424A71D0} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{A5B3B4A7-6BD2-E7CE-E654-7A1D658D1BB3} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{ABFF8236-DCBD-E17B-0A69-6FD85FA199FE} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{B38F516E-48F2-CDBB-7D76-E0CFBCDBEE45} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{BCA18F7D-4CAB-D300-286E-432722FFB0FB} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{C5E66D21-FF6E-2881-4046-8D0402A4597D} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{D02510A9-69A7-24D5-85DA-D3EC8E911C73} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{D223F02D-058E-2CFE-D02D-81826009252B} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{D75B9D6B-FB2A-EE40-24DA-791D27C77147} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{E65FC41A-89B3-21B7-1EB6-E92DA3645370} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{F704A16D-BA8A-0DD4-CB9E-F0FA4A957D8D} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{F7B868F8-EA98-86A3-D29E-5BCE94E2DD6A} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{F80F0D50-2D6C-75C3-606A-3DFE0F4FC5D0} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{FC955BB2-DAA2-E394-1DD3-E8A207B823A6} -> Spyware.BetterInternet : Cleaned with backup HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214602-278.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214602-366.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214602-887.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214602-899.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214604-538.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214605-368.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214605-886.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214606-279.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214606-841.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214614-719.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214615-961.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214617-985.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214619-741.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214621-432.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214621-912.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214623-513.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214623-746.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214624-459.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214625-499.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214627-986.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214629-269.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214631-756.dll -> Downloader.WinShow.bg : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214632-913.dll -> Downloader.Agent.bc : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214634-403.dll -> Downloader.WinShow.bg : Cleaned with backup C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214637-851.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\addav.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addbm.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addbo32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addbr32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addbu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addbz.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addcc32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addct32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\adddj.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\adddl.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\adddv32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addem.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\adden32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addgf32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addgs32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addhc.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addhg.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addin32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addis32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addjo.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addjz.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addkb32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addkd32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addkn32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addky.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addlf32.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\addlo.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addly.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addmh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addmt32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addmz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addnn.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addqx32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addrd.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addrq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addsq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addsx32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addsy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addud.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addui32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addul32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addur.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\addvg.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\addwk.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addwp.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addws32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addwu.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addxy32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addyc32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addye.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addyh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addyu32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\addyy32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\addzy32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apiaj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apiak.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apiam.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apian32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apiaw.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apibj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apibl.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apibu32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apicq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apidh32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apids.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apids32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apidu32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apiee.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apieh.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apifb32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apifd32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apifp32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apigb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apige32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apigo.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apihz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apiip32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apije32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apijh.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apily32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apimb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apime.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apimx32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apipa.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apipa32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apipf.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apirm.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apiro32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apisq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apist32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apisy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apitq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apiur32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apiuw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apivc32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apivg32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apivl32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apixq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apixx.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apiyf.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apiyh.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apizl32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appae.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appbm32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appbv.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appcb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appck.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appdf.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apped32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appfq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appfz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appgl.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appgt.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appht.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apphw.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apphz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appic.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appig32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appiw.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appix32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appje32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appjh32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appkd32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appkw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appky.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\applf32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appll.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appln.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appmc.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appmm.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appnp.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appoo.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appoq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appoy.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apppl.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apppm32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appqm.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appqz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appsw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apptd.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appth.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appth32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\apptq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apptu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appug32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appvb.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appvo32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appvq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appvy32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appwv32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\appxs.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appyj32.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\appyr.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\appyw32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlag.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlbj32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlca32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlci.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlcq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atldh.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlds32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlhb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlhj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlhs.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atljh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atljl.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atljz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlkb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlky.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atllc32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atllk.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlls32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlmn.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlmq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlnd.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlnf.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlni.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlnw.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlor32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlou32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlov32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlpb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlpq.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlqc32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlqj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlqo.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlqs32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlqw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlqz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlrd.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlry.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlsf32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlte.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atltf.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atltm32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atltp.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atltp32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlty32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atluo.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlur.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atluw.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlva.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlvp32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlwp32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlxa32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlxb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlxy.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\atlyw.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlyx.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlzd32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\atlzl.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ccqsy.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\crar.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crau32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\craz32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crdj32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crdm.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crdn32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crdy.exe -> Downloader.Agent.bq : Cleaned with backup C:\WINDOWS\cree32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\cref32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\creh.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\cres32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crfy32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crgg.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crgn32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crgw.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crgy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crhx32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crib32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\cril.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\cril32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\criz32.exe -> Downloader.Agent.bq : Cleaned with backup C:\WINDOWS\crkc32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crky.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crla32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crmf.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crml32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crmu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crmz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crnj.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crnp.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crns32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\croa32.exe -> Downloader.Agent.bq : Cleaned with backup C:\WINDOWS\croj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\cros.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crow.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crpu32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crpz32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crqa.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crql32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crqs32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crqy32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crry.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crsb.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crsg32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crso32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crst.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crtk.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crtp.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crud32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crvj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crvq.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crwn.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crxa.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crxp.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crxq32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\crxs32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\crzn.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\cznlp.dll -> Adware.SearchPage : Cleaned with backup C:\WINDOWS\d3ap.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3as32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3av.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3bb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3bl32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3bn.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3cd32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3cm.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3cp32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3cy.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\d3dh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3ea32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3em.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3fh.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3fy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3gi.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3gt.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3gv32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3hb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3hg.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3ho32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3ih32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3il.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3jl.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3kb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3kd32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3lq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3lu32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3ly32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3mc32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3ou.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3ph.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3pj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3pu32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3qh32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3qz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3re32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3rh32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3sg32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3sh.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3ta.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3ti32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3tw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3ua32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3ui.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3uw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3vr32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3wa.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3wy.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3xa.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3xq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3yb32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\d3yc.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3yt.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3yt32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\d3zn.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\dzsqe.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\hcjmy.dll -> Adware.SearchPage : Cleaned with backup C:\WINDOWS\ieaj32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ieal.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieat.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iebb.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iech32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ieco.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iecu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieda.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iedd.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iedh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iefj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iegz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iehl.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iehn32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieho.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iejs.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iekv.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iela.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ielb.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iels.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ielx.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iemh32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iemr.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iemu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iemv.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ienz32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ieon32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iepn32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieqa.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ieqg.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieqi32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieqk.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieqy32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ierb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ierl.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ierw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iesy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ietw.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\ietw32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieuo.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieuu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ievf.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iewj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iewv.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iexd32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iexh32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iexj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iexq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ieyf.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ieyf32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iezl.exe -> Downloader.Agent.bq : Cleaned with backup C:\WINDOWS\iezm.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iezm32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iezp.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iezt32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ifrdy.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\ipae.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipbl32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipbq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipbu.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipcg.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipck32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipdd.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipdn.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipej32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipen32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipfb.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipfz.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipgm.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iphd.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iphf.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iphk.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iphu32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipir32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipjj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipkc.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipks.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipks32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipku.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iplv32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipmh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipmj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipms.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipog32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipoo.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ippg.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ippo.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ippx32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipqa.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipqk32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipqp.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipqy32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iprx.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipss32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\iptx32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipul.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipvo.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipwf.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipwl.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipwn32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipws32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipxj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipxs.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipxv.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipxy32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipyh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipyl32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipyq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipyt.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipyt32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipyy.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ipza32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipzh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipzk.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipzs32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\iwako.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\javabg.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javabi.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javabl.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javacq.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javacv.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javadi32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javadl32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javaek.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javafu32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javahe32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javahz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javaig.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javail32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javajh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javajj.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javajx.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javalj.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javall32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javame.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javamh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javamw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javamz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javans.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javant.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javanu.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javaog32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javaoi.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javaoo32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javaoq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javaow.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javard.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javarw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javasi32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javasu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javatb.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javatw.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javaur.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javava.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javavk32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javawd32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javawf32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javawn.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javaxm.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javays.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javayx.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\javazb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javazn32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\javazr32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\kslyp.dll -> Adware.SearchPage : Cleaned with backup C:\WINDOWS\lstnh.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\mfcae32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcai32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcan.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcaw.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcbq32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcco32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcdg.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcdx.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfceh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfces32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcet32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcew32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcfl32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcga32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcgy.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfchb32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfchh32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfchj32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcif32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcih32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcjk.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcjm.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfckl.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcle.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfclm32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfclo.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfclu.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfclz32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcma.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcmc32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcmt32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcnb.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcnf.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcnq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcnr32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcnw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcol32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcpf32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcpx32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcpz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcql32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcrj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcsg.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfctd32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfctr32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcuw.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfcvm32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcvo.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mfczk.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mjkwr.dll -> Adware.SearchPage : Cleaned with backup C:\WINDOWS\msap.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msbq32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mscd32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mscj.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msda32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msdq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msea.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msfb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msfc.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msfh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msgz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mshc.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msho32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mshz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msia.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msie32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msiu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msjj32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msjq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mslb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mslv32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msmd32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msmn32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msni.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msnk.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msnl.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msoo.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mspf32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mspg32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mspj32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msqy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msrj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msrt32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mstg32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msti32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mstr32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msts32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mstu32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mstz.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msua32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mswg32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mswm32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mswp.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mswu32.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\mswy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msxf.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msxg32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msxz.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msyb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msyc32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msyt.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msyv32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\msyw32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mszf32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mszp32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mszq32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\mszz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netaq32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netbp32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netda32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netdc.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netdc32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netdm.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netdt32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netex32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netez32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netfc.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netff32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netgd32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netgh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netgr.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netgt32.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\netgt32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netgx.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\nethc.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\nethf32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\nethl32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\nethm.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\nethn.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netjo32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netjq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netjz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netkm32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netkp.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netkz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netmz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netmz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netnm32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netof32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netpo.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netqp.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netrd.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netrd32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netrn32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netsp32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netsq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netto32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netuv.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netvv32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netwx.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netxs32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\netye.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netyt.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\netzs32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\nhxyz.dll -> Adware.SearchPage : Cleaned with backup C:\WINDOWS\nngzj.dll -> Adware.SearchPage : Cleaned with backup C:\WINDOWS\nqpag.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\ntay32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ntbw.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ntca.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ntce.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ntcj.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ntcw32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ntcz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\nten.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ntew32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ntex32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ntfb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ntfh32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ntfn32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\ntfo.exe -> Troj
  23. ok jw....heres my current log as u requested...thanks for any help u can give. i saw somewhere,where folks can donate.(i cant find it now...of course)can you let me know where/how i can get back to this button/place..more to the point a physical place where i can mail a check or money order due to the fact that i really dont want to do any money type transactions on the computer(still dont trust them for security reasons)...i will definitly donate some fundage towards u guys in ur efforts towards fixing this stupid cws crap..again,your help is greatly appreciated---i cant tell how much.. hardracer Logfile of HijackThis v1.99.1 Scan saved at 10:46:41 PM, on 1/27/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\winwx.exe C:\WINDOWS\System32\ctfmon.exe C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\WINDOWS\system32\ieab32.exe C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\WINDOWS\System32\rsvp.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchv.com/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049 R3 - Default URLSearchHook is missing O2 - BHO: Class - {014A827D-E04B-4100-86CC-AA5FBCB8F577} - C:\WINDOWS\system32\ntoz.dll O2 - BHO: Class - {0291E910-8D54-4FA6-C81D-D18ED280B289} - C:\WINDOWS\apius32.dll O2 - BHO: Class - {04D536A8-BE6C-6283-AD25-18CADEF98984} - C:\WINDOWS\sysdw32.dll O2 - BHO: Class - {058C9936-6D60-53AB-C6A6-BABA8EDE5F00} - C:\WINDOWS\system32\winnh.dll O2 - BHO: Class - {05F3C50C-D53F-D6BC-9065-2ABB3092A8D0} - C:\WINDOWS\ipsd.dll O2 - BHO: Class - {05F3F3D2-8BFA-C735-FCDF-D4BD8418D325} - C:\WINDOWS\wincd32.dll O2 - BHO: Class - {06197E31-50B6-4043-D6C9-8E70AAB849E5} - C:\WINDOWS\system32\windh.dll O2 - BHO: Class - {065A3DF4-4253-B880-16A3-75DA427DD453} - C:\WINDOWS\wintz.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Class - {07AC6A37-E15F-F543-A739-15DB1285B61A} - C:\WINDOWS\system32\mstv.dll O2 - BHO: Class - {07D83F1A-3A3D-EF25-F957-DCA0DCC72ABC} - C:\WINDOWS\sdkss32.dll O2 - BHO: Class - {07E2FBBF-C64A-1972-227E-82FA4861EB78} - C:\WINDOWS\apias.dll O2 - BHO: Class - {07E66B38-1367-7DC0-FD3C-CA1BFBA6BCC7} - C:\WINDOWS\system32\atlyd.dll O2 - BHO: Class - {083A00C1-8BB2-5BD6-D3E8-27ADF3D597CA} - C:\WINDOWS\msmk.dll O2 - BHO: Class - {08B062B7-0572-9CCE-27F2-A318B78A3677} - C:\WINDOWS\ntxm32.dll O2 - BHO: Class - {094C8CED-58C8-2CD1-5207-27C140FB0531} - C:\WINDOWS\ieqe32.dll O2 - BHO: Class - {094EDED8-1F6C-995C-6754-A544D7EA188B} - C:\WINDOWS\system32\crbr32.dll O2 - BHO: Class - {0A8D0092-6F79-27C0-3B9C-D542A7FC6907} - C:\WINDOWS\system32\javalr32.dll O2 - BHO: Class - {0B01EADD-4EEA-1744-7321-45BB28A5E86A} - C:\WINDOWS\system32\javabq32.dll O2 - BHO: Class - {0CAEDEE2-8F3E-F86F-35DC-CDEAAE346249} - C:\WINDOWS\crvc.dll O2 - BHO: Class - {0DFE18F1-8279-20AE-4CC5-10CB30FF50DA} - C:\WINDOWS\appul32.dll O2 - BHO: Class - {0E07F1CC-6044-9AB8-86B3-B33F53CA4787} - C:\WINDOWS\javaph.dll O2 - BHO: Class - {0E3BEE03-C426-F488-CA26-D938932339AC} - C:\WINDOWS\system32\ntqt.dll O2 - BHO: Class - {0F0E061E-FA0C-0C44-F0D9-0E0C21180458} - C:\WINDOWS\mfcnb.dll O2 - BHO: Class - {0FCDFA68-74F9-605A-8029-180E50A9964A} - C:\WINDOWS\system32\netai.dll O2 - BHO: Class - {102D7ADF-B1F2-150B-DD47-0D7AE8ECDFE0} - C:\WINDOWS\javabo.dll O2 - BHO: Class - {10FF78CB-D256-A957-AA38-C09CAEAA3E70} - C:\WINDOWS\system32\mfcgx.dll O2 - BHO: Class - {116B5897-9869-1B77-3DC7-646F9CB58D2B} - C:\WINDOWS\system32\msrn32.dll O2 - BHO: Class - {11BE3648-39DF-4A8F-2B7F-AF543F3C21DF} - C:\WINDOWS\sysmx32.dll O2 - BHO: Class - {11BEC0B9-C370-4820-FE14-3C42B32E0875} - C:\WINDOWS\system32\apitx.dll O2 - BHO: Class - {124EC0E5-C940-3ED0-1241-6B1E7CF1D1E8} - C:\WINDOWS\d3xq.dll O2 - BHO: Class - {1323364A-6290-C22E-760E-ABFCF4445116} - C:\WINDOWS\system32\iehq32.dll O2 - BHO: Class - {13B77FE1-9911-A0C2-1D01-61CA21EAEB83} - C:\WINDOWS\system32\addbt.dll O2 - BHO: Class - {13C3D1A3-A53A-6BFB-F6CA-8FA7292FE0F0} - C:\WINDOWS\sdkzj.dll O2 - BHO: Class - {14882629-ECB5-DB2D-9FF8-D87930DD6A0A} - C:\WINDOWS\iefb32.dll O2 - BHO: Class - {153707B5-D0ED-A171-CBB3-87B9E1296513} - C:\WINDOWS\atlwb32.dll O2 - BHO: Class - {1546F4A6-423F-7B55-1F30-B621C06F5D69} - C:\WINDOWS\system32\d3bu32.dll O2 - BHO: Class - {1676763F-15C3-F5F2-9C0B-0631705661ED} - C:\WINDOWS\ntng32.dll O2 - BHO: Class - {16A67573-5153-0344-B04A-BF8F43B5057F} - C:\WINDOWS\sdkql.dll O2 - BHO: Class - {16B25743-B02B-E5F0-F1AE-94D196232E38} - C:\WINDOWS\winkl.dll O2 - BHO: Class - {16BD821E-5751-423E-4850-6CC5D07FECD8} - C:\WINDOWS\winfc32.dll O2 - BHO: Class - {16D601F6-E41B-1A0C-95AA-2EF05F7C37EE} - C:\WINDOWS\system32\appze.dll O2 - BHO: Class - {17094FC7-F985-CD03-CB64-049B61C2C70E} - C:\WINDOWS\system32\addcg.dll O2 - BHO: Class - {1713182A-5092-DD29-01DB-F0D69793396C} - C:\WINDOWS\addco.dll O2 - BHO: Class - {1760E281-B7CE-24A2-166B-0B9F9BB7B8A9} - C:\WINDOWS\system32\netpc32.dll O2 - BHO: Class - {17A1BA50-1F42-91DF-8D52-9482601397EF} - C:\WINDOWS\apigp32.dll O2 - BHO: Class - {18C9B52B-7151-9593-8427-72C86515DCDE} - C:\WINDOWS\appcb.dll O2 - BHO: Class - {1A828816-226B-81EE-2E66-CFEBA8E97E2F} - C:\WINDOWS\apibh32.dll O2 - BHO: Class - {1AF1C718-5A24-D7BB-592A-F2291195734F} - C:\WINDOWS\appbe32.dll O2 - BHO: Class - {1B7649CB-3BCF-46D5-F4A7-39AEAE5625AB} - C:\WINDOWS\crzn.dll O2 - BHO: Class - {1B849856-C2B0-C16F-7AA2-AF1A44A6BEDA} - C:\WINDOWS\system32\ipma32.dll O2 - BHO: Class - {1B9CCCD9-3DA0-5E43-A4CE-924A8F49CC0F} - C:\WINDOWS\system32\iexs.dll O2 - BHO: Class - {1DF846A3-16F9-BEC1-05D0-31207FD24B28} - C:\WINDOWS\system32\javaxu32.dll O2 - BHO: Class - {1E94F949-F3F0-5C64-038A-53C68D35F288} - C:\WINDOWS\system32\javalr.dll O2 - BHO: Class - {1EB77D8F-DC5A-7E55-59FC-844CAE64FC70} - C:\WINDOWS\syslm.dll O2 - BHO: Class - {1EDBFE12-619A-B05D-D81A-42593402A991} - C:\WINDOWS\appsh.dll O2 - BHO: Class - {1F1A3DD0-5DB3-08D8-FE9F-CB49DA5EFA2E} - C:\WINDOWS\system32\syspu.dll O2 - BHO: Class - {1F7B837E-CC0C-8A77-DD3C-43144BEFEB4B} - C:\WINDOWS\d3nm32.dll O2 - BHO: Class - {1F8E709E-AEC3-AC71-0350-66348A990C05} - C:\WINDOWS\system32\msps.dll O2 - BHO: Class - {204BFD00-8711-E685-9059-B543F47899E1} - C:\WINDOWS\system32\d3tx32.dll O2 - BHO: Class - {2067DEDB-34F7-9CC4-7353-3E1E927B32A3} - C:\WINDOWS\system32\d3lc32.dll O2 - BHO: Class - {22A99D53-6CB9-33A5-DED6-D04F5F0F1AE8} - C:\WINDOWS\system32\d3nm32.dll O2 - BHO: Class - {22B1BD81-78EF-C72F-0793-EFF78ED6B103} - C:\WINDOWS\system32\javalf.dll O2 - BHO: Class - {2345C8ED-802B-A5E6-4EE8-68E9D4825903} - C:\WINDOWS\iedl.dll O2 - BHO: Class - {23DA50CE-1A25-2F1D-13E6-38C10B86A8F2} - C:\WINDOWS\appug32.dll O2 - BHO: Class - {23E29B01-78ED-B227-C0D9-7F01F2621B9A} - C:\WINDOWS\system32\addbd32.dll O2 - BHO: Class - {24BE1459-795A-5BA6-B9B1-DC1A2D1652EF} - C:\WINDOWS\system32\winmg.dll O2 - BHO: Class - {25058AE5-5371-3EC0-9CB9-B7B2AE83A00A} - C:\WINDOWS\system32\crmn.dll O2 - BHO: Class - {259EE5B9-79F9-788C-1426-7B4E6B1A0211} - C:\WINDOWS\addic32.dll O2 - BHO: Class - {28223167-A6CC-2F8F-758F-1F424FBB380E} - C:\WINDOWS\system32\mfcyi.dll O2 - BHO: Class - {28FF0DAA-6EDD-259A-83C4-EADDF15D72AD} - C:\WINDOWS\system32\mfcbl32.dll O2 - BHO: Class - {29FC66BD-3EA4-3F16-0ABF-93515F25ED12} - C:\WINDOWS\winjx32.dll O2 - BHO: Class - {2A37058B-D1BB-61D1-21BA-B7A66036D544} - C:\WINDOWS\appkg32.dll O2 - BHO: Class - {2A696067-2ABB-2ABE-9CCF-E895A174E181} - C:\WINDOWS\wintm.dll O2 - BHO: Class - {2AD24B66-877B-347B-4D3D-73A13C8BB2CB} - C:\WINDOWS\netdg.dll O2 - BHO: Class - {2ADD1D56-2534-91AF-C52E-680B595C6999} - C:\WINDOWS\system32\ierm32.dll O2 - BHO: Class - {2CE88230-1C35-89B5-88A0-B07ACA0B401D} - C:\WINDOWS\system32\ntjf.dll O2 - BHO: Class - {2CEB755B-6BCC-9879-D315-A49FBFA75BD7} - C:\WINDOWS\ntux.dll O2 - BHO: Class - {2CFF8F86-4117-E570-DCB8-49CE5BB1B815} - C:\WINDOWS\apijn32.dll O2 - BHO: Class - {2D83144A-96F5-FD55-350C-BB36CBABB8B2} - C:\WINDOWS\system32\msyf.dll O2 - BHO: Class - {2D9A5F30-BB39-3C3B-1DB0-A4572E5E7077} - C:\WINDOWS\ipot32.dll O2 - BHO: Class - {2E5DB345-70C0-FF98-D20F-C69A65169900} - C:\WINDOWS\system32\mfclq32.dll O2 - BHO: Class - {2EDD9108-F5D8-936A-8F9A-116CB847DCC0} - C:\WINDOWS\d3mx32.dll O2 - BHO: Class - {2F1C51B0-AC7F-A18C-6486-8BD910B563C3} - C:\WINDOWS\system32\sdktf32.dll O2 - BHO: Class - {2F7660FB-0CEA-4B11-A8C5-3175CFDBA441} - C:\WINDOWS\system32\windj32.dll O2 - BHO: Class - {2FA6B0AE-AAE8-9CDC-8004-516B1C672B52} - C:\WINDOWS\appqi32.dll O2 - BHO: Class - {2FCA3DE0-0928-B4AD-0D83-44697B4D7A24} - C:\WINDOWS\atlyc32.dll O2 - BHO: Class - {300881BB-DD69-DBCB-AE92-B05A3E8707E1} - C:\WINDOWS\iewo.dll O2 - BHO: Class - {309B0370-9499-BD83-5B63-522A8DC7EFD4} - C:\WINDOWS\system32\ntmi.dll O2 - BHO: Class - {30B92BEE-1F2E-CDB3-9958-2877E3A478BF} - C:\WINDOWS\ipwf32.dll O2 - BHO: Class - {30C15F1B-B902-8769-7E97-07B632351674} - C:\WINDOWS\netza.dll O2 - BHO: Class - {3202B39B-A35B-BCEE-9DB0-68ED2C239785} - C:\WINDOWS\system32\crfq.dll O2 - BHO: Class - {32647596-213A-8327-EDB5-24A45C5C5E36} - C:\WINDOWS\sdkig.dll O2 - BHO: Class - {32D819AE-5E1D-5524-783B-C8993083716B} - C:\WINDOWS\winwr.dll O2 - BHO: Class - {33AC10E4-94BE-C3D0-855D-41F27DCEDD3D} - C:\WINDOWS\system32\msma.dll O2 - BHO: Class - {33EC6E43-4826-94FA-3A03-B94290B62B85} - C:\WINDOWS\iehb.dll O2 - BHO: Class - {34563B77-50A7-B32B-750C-907E592AD1F7} - C:\WINDOWS\system32\ntiw.dll O2 - BHO: Class - {3487A0E4-207B-E09F-81B8-A8EDBD853E83} - C:\WINDOWS\mfchd32.dll O2 - BHO: Class - {3585FF78-2F11-FF4A-2596-1DF8EA166C87} - C:\WINDOWS\system32\javayr32.dll O2 - BHO: Class - {36CC50DE-E932-3435-B11B-709E3AFE8849} - C:\WINDOWS\sdkfz.dll O2 - BHO: Class - {3712D7D0-9565-F99D-D800-6036A77E45C4} - C:\WINDOWS\crdy32.dll O2 - BHO: Class - {38270C16-6F54-81A1-B343-987591F9FF85} - C:\WINDOWS\system32\iexa32.dll O2 - BHO: Class - {38683242-D589-5595-2821-3BE52429FEC3} - C:\WINDOWS\system32\appks32.dll O2 - BHO: Class - {38A13BE2-44E2-8EAD-D101-458EB7B89D67} - C:\WINDOWS\system32\javadg32.dll O2 - BHO: Class - {38EB7DA0-52FB-AADA-9FBF-2A397DD19AA1} - C:\WINDOWS\system32\crln32.dll O2 - BHO: Class - {3ADF6BD5-30EF-8D1D-8D7D-3A0CDCC2FD01} - C:\WINDOWS\system32\appxc.dll O2 - BHO: Class - {3AEAD8F8-7409-2055-D03F-1E630CC0A5B8} - C:\WINDOWS\winot.dll O2 - BHO: Class - {3AF46D2B-238E-2C0A-6C63-109D3CE5E7C0} - C:\WINDOWS\addsz32.dll O2 - BHO: Class - {3AF61C43-088F-A3C6-4312-3AB906276F3A} - C:\WINDOWS\system32\winfu.dll O2 - BHO: Class - {3BA5C516-2E23-6854-9EFC-21E89FEB7C2E} - C:\WINDOWS\system32\mspl.dll O2 - BHO: Class - {3BB31146-3116-E523-81A1-39DC94BD27E5} - C:\WINDOWS\system32\appdm32.dll O2 - BHO: Class - {3BD916EE-69B6-9D47-6347-D97C3BA97F02} - C:\WINDOWS\system32\mfcam32.dll O2 - BHO: Class - {3C69B1A3-D6E3-9B58-A742-1A46F3BDB7CE} - C:\WINDOWS\winqw.dll O2 - BHO: Class - {3C73D315-DD9F-9F82-0398-D2936B2878B2} - C:\WINDOWS\ntfs32.dll O2 - BHO: Class - {3C7FB04E-255B-74C8-0E5F-D8E57CAAC3BC} - C:\WINDOWS\apphf32.dll O2 - BHO: Class - {3D2ACA16-3F1C-BF97-6524-0F7072E1E895} - C:\WINDOWS\netnx32.dll O2 - BHO: Class - {3D983ED1-97AB-F11D-D545-3A47F28CC430} - C:\WINDOWS\system32\winuq.dll O2 - BHO: Class - {3E8EDD63-7719-B595-1F25-C50F23DBF99D} - C:\WINDOWS\system32\javakb32.dll O2 - BHO: Class - {40430AEB-7146-EE85-0D82-B57E2A8F44A9} - C:\WINDOWS\addwr.dll O2 - BHO: Class - {4089564D-FCC7-C2D7-9F2A-ED05B543E8CA} - C:\WINDOWS\system32\sysfa32.dll O2 - BHO: Class - {4097E29E-2A74-3EEA-7090-0E73AF19AC3E} - C:\WINDOWS\apiri32.dll O2 - BHO: Class - {4249913F-B87B-5BCB-BDAC-0E589CD03682} - C:\WINDOWS\system32\appkx32.dll O2 - BHO: Class - {42874627-68BA-AD3E-2E5A-AF9C92CF61D3} - C:\WINDOWS\system32\ieov32.dll O2 - BHO: Class - {42B28786-0E2F-6823-286D-BA74F50C3A0D} - C:\WINDOWS\addww32.dll O2 - BHO: Class - {42B6D2AA-FC71-B406-F3BA-1E0D9D759441} - C:\WINDOWS\apphf.dll O2 - BHO: Class - {43544B19-A240-DF9B-5CE9-9DC02154188E} - C:\WINDOWS\system32\d3bt32.dll O2 - BHO: Class - {4407E807-267B-A3CE-F228-77149FA4302C} - C:\WINDOWS\system32\sysex.dll O2 - BHO: Class - {4478A40E-095C-9113-16CA-AAE4FCB0841A} - C:\WINDOWS\netyz32.dll O2 - BHO: Class - {44D83962-1E60-044C-50E1-DCC0B1C6B08C} - C:\WINDOWS\atlop32.dll O2 - BHO: Class - {45723711-8D3F-C8F9-24E0-F252B24B3148} - C:\WINDOWS\sdkau.dll O2 - BHO: Class - {45BF02B3-6F53-F516-CA0B-8B10C0085204} - C:\WINDOWS\apigq32.dll O2 - BHO: Class - {460072CA-8C43-F205-2195-C713F1949B30} - C:\WINDOWS\javasu32.dll O2 - BHO: Class - {46030852-EC50-153A-66BC-0BAEA8CBC16A} - C:\WINDOWS\system32\msjb.dll O2 - BHO: Class - {469875BB-BC3F-507E-B350-021484557DB4} - C:\WINDOWS\system32\d3nj32.dll O2 - BHO: Class - {477DF9B4-C171-F601-74D6-D3697B4B1E8B} - C:\WINDOWS\addct32.dll O2 - BHO: Class - {48604E09-168D-FEB9-0B26-5518D029DA95} - C:\WINDOWS\system32\ipxh.dll O2 - BHO: Class - {4861F239-22C4-39AD-0E05-069E210E1F47} - C:\WINDOWS\javani.dll O2 - BHO: Class - {4A6CF2F7-DDDD-2A8C-FF62-94A72AA7954F} - C:\WINDOWS\appja32.dll O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: Class - {4B898F0F-81A2-A0FB-5F4C-37100AC2D624} - C:\WINDOWS\system32\d3ew32.dll O2 - BHO: Class - {4C97FF57-707D-49B6-2CBA-7996791E6202} - C:\WINDOWS\netdt32.dll O2 - BHO: Class - {4CB86D61-970D-C338-7AD0-8B13C488150E} - C:\WINDOWS\sdkcd32.dll O2 - BHO: Class - {4CC0A8A4-E4C5-6742-27C3-C153BB6598A6} - C:\WINDOWS\ippg32.dll O2 - BHO: Class - {4D55F1A8-55DA-AA1A-83F6-E4407B24CCE5} - C:\WINDOWS\system32\ipdb.dll O2 - BHO: Class - {4D77B656-3929-8E8D-2C15-42407E685FFA} - C:\WINDOWS\crlh32.dll O2 - BHO: Class - {4DB64B88-0933-55E1-5343-261A238D2B60} - C:\WINDOWS\ntfk32.dll O2 - BHO: Class - {4EC3A22A-5434-CC1A-4E91-B9094044E2D6} - C:\WINDOWS\system32\ipmm.dll O2 - BHO: Class - {4EF173C7-37FB-764C-4EE2-D86CB880FB29} - C:\WINDOWS\sysmy32.dll O2 - BHO: Class - {4EFEDBE3-55DF-655C-7684-265961EDD697} - C:\WINDOWS\javaci32.dll O2 - BHO: Class - {4F5D7708-5CE8-F0D7-D1F2-50B7B257B1EF} - C:\WINDOWS\javats.dll O2 - BHO: Class - {50AA68D1-B792-9F1D-0E5A-E28E5958CC5B} - C:\WINDOWS\system32\mfcse32.dll O2 - BHO: Class - {50B7CF0C-8AE5-BB42-E622-CE649815FF71} - C:\WINDOWS\system32\atlvo.dll O2 - BHO: Class - {50D98177-3925-757E-8E92-625565712438} - C:\WINDOWS\d3ce.dll O2 - BHO: Class - {510C09CC-B06A-EFC8-2E17-38F386848F3E} - C:\WINDOWS\crud32.dll O2 - BHO: Class - {5169D876-4C97-5087-3456-0DCBB0716BC9} - C:\WINDOWS\iezy32.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Class - {5395C6CC-9119-AA2E-B008-2D31A543B883} - C:\WINDOWS\system32\atlia.dll O2 - BHO: Class - {539B572E-7B0F-7CC3-9352-C94BF984726F} - C:\WINDOWS\apikl.dll O2 - BHO: Class - {54255AC2-2B7F-9119-713D-1BFBB01E8BCD} - C:\WINDOWS\nethy.dll O2 - BHO: Class - {54D0E15D-04E1-F4B0-9D57-9A826010E6AA} - C:\WINDOWS\ipkl.dll O2 - BHO: Class - {55AC4EE7-4B4F-A677-88EE-C19AD29C7B4D} - C:\WINDOWS\system32\iedk32.dll O2 - BHO: Class - {55E7FCAD-77C1-35FF-8206-D7405C6CDFAB} - C:\WINDOWS\ippb32.dll O2 - BHO: Class - {5624FB2A-5E7E-C67B-2C18-0AAF52EEFBB0} - C:\WINDOWS\ipun32.dll O2 - BHO: Class - {565744A1-C652-BC19-4230-289DA72A989C} - C:\WINDOWS\netur32.dll O2 - BHO: Class - {572A44A6-4945-DA71-B13F-066F8EC29E66} - C:\WINDOWS\appex.dll O2 - BHO: Class - {5732A44D-F6D6-76F6-4E92-2027907B8818} - C:\WINDOWS\system32\d3bo.dll O2 - BHO: Class - {574F5154-24C8-7C08-5A89-1EF0CC0ABB65} - C:\WINDOWS\system32\ntwj.dll O2 - BHO: Class - {5994FD3E-5FC2-9A72-EE68-06292ACBFC71} - C:\WINDOWS\system32\ntqw32.dll O2 - BHO: Class - {5BE76740-FD01-49B4-5ABA-AA49D68044EF} - C:\WINDOWS\sdklr.dll O2 - BHO: Class - {5C145150-DD6C-53BA-84AE-224D696D255B} - C:\WINDOWS\ntej32.dll O2 - BHO: Class - {5C2283D1-61C9-9337-3709-169AA24C7206} - C:\WINDOWS\system32\sysjx.dll O2 - BHO: Class - {5C74F9CB-19A6-7A1A-EAF6-EB84A7061D05} - C:\WINDOWS\system32\mfcpy.dll O2 - BHO: Class - {5E709357-9905-BEDE-6228-649AC8CA2565} - C:\WINDOWS\system32\d3sd32.dll O2 - BHO: (no name) - {5E7FFA99-C5C0-6BFA-DA44-8A9DB0AE94FD} - (no file) O2 - BHO: Class - {604368E9-EA0B-0E3E-E1F2-50F1DD1F7690} - C:\WINDOWS\system32\mfcan.dll O2 - BHO: Class - {610207BA-E8D7-9260-B756-291184C1BFB4} - C:\WINDOWS\ieqy32.dll O2 - BHO: Class - {61675AEA-0AAC-FB29-2A8B-E712314B4A52} - C:\WINDOWS\system32\msxv.dll O2 - BHO: Class - {61BB595D-A6B2-4293-216F-8317630E1849} - C:\WINDOWS\system32\crwi.dll O2 - BHO: Class - {6248255C-2322-395B-0A66-A5455141BD55} - C:\WINDOWS\system32\sdkfe32.dll O2 - BHO: Class - {628389AE-FDE9-F181-ABB4-DB08BD5345BC} - C:\WINDOWS\d3ph.dll O2 - BHO: Class - {6292CB7C-CAEA-9541-226F-1C73897C3C39} - C:\WINDOWS\d3ki.dll O2 - BHO: Class - {629FEEBC-8D1F-BA64-26C3-686D45062880} - C:\WINDOWS\system32\cryp.dll O2 - BHO: Class - {630B5448-88BA-594C-A5C4-16A53B83F0F9} - C:\WINDOWS\system32\ipqh32.dll O2 - BHO: Class - {6469535C-868D-78CB-87BD-9BF74E0AEB7A} - C:\WINDOWS\system32\addsz.dll O2 - BHO: Class - {646D843D-7CDF-78F8-2D9D-391E871C2089} - C:\WINDOWS\iplz.dll O2 - BHO: Class - {646F2028-8431-3C1F-122B-739B5643F144} - C:\WINDOWS\system32\apptc32.dll O2 - BHO: Class - {646F6A47-24D0-2033-3709-4F9D79ED6FC9} - C:\WINDOWS\atlqm.dll O2 - BHO: Class - {64ACBCED-4C70-32ED-5E7C-6D6EFEDA085F} - C:\WINDOWS\mfcvq32.dll O2 - BHO: Class - {64CA0FC6-5085-C447-8988-25C5AC6CDBBE} - C:\WINDOWS\system32\netuu32.dll O2 - BHO: Class - {651DA460-C8D1-926D-7E35-8258A39BB7C2} - C:\WINDOWS\atldp32.dll O2 - BHO: Class - {652D4929-5C76-94A9-0C3D-31460592C199} - C:\WINDOWS\system32\winbk.dll O2 - BHO: Class - {6565FF3C-2255-1708-8543-85E668E94D6C} - C:\WINDOWS\system32\apimc32.dll O2 - BHO: Class - {66E7A648-A2D0-B506-715E-8D564D8364C2} - C:\WINDOWS\system32\netma32.dll O2 - BHO: Class - {6736D543-9459-D61F-8FA7-A53653949C0D} - C:\WINDOWS\netbr32.dll O2 - BHO: Class - {681772EF-1514-33C7-0408-B8771F24D4CB} - C:\WINDOWS\d3ed.dll O2 - BHO: Class - {683DA086-8E62-5396-D4EF-2401FF58EB59} - C:\WINDOWS\system32\ipxf.dll O2 - BHO: Class - {69848259-E5F3-2574-2AEE-41BB1DBD3EAC} - C:\WINDOWS\msap32.dll O2 - BHO: Class - {69A8069F-CE5E-4765-8040-82403FEC3895} - C:\WINDOWS\system32\netln32.dll O2 - BHO: Class - {69A989AD-BFBB-9324-846E-194CABCE649B} - C:\WINDOWS\system32\ntob32.dll O2 - BHO: Class - {69C0535E-8F6B-1482-8F80-DF6B338BFBF8} - C:\WINDOWS\system32\crlw32.dll O2 - BHO: Class - {6A9A98A4-1733-141A-04B1-536A43E5A00C} - C:\WINDOWS\netdc.dll O2 - BHO: Class - {6AA3715D-405C-076E-8F16-52A674C871DB} - C:\WINDOWS\system32\addlc32.dll O2 - BHO: Class - {6AA46007-7E40-353F-4B29-4EB589B6027B} - C:\WINDOWS\ntwi32.dll O2 - BHO: Class - {6B2E69E2-80CF-0FCD-2529-005B76F6EB87} - C:\WINDOWS\system32\msxa32.dll O2 - BHO: Class - {6BEF21ED-FE12-619A-B05D-D81A14259340} - C:\WINDOWS\atlax32.dll O2 - BHO: Class - {6BFB4F8E-42B3-1853-FED2-0CE716BE6757} - C:\WINDOWS\system32\d3by.dll O2 - BHO: Class - {6D5086FD-B70A-A21D-970A-511772E1A75C} - C:\WINDOWS\creb32.dll O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysnk.dll O2 - BHO: Class - {6F3DF768-3C51-2FC4-8417-FD3009EF0F08} - C:\WINDOWS\netpb32.dll O2 - BHO: Class - {6F80CE58-E9EF-47A6-EE09-D515FF3D4D49} - C:\WINDOWS\sdklh.dll O2 - BHO: Class - {6F99DB7E-CFDF-18F9-0B84-6D52A771173C} - C:\WINDOWS\system32\sdkie32.dll O2 - BHO: Class - {6FBFD571-083B-0404-2CF4-4D02FE84655B} - C:\WINDOWS\system32\ntus.dll O2 - BHO: Class - {70337B1D-11EA-9346-27AA-F77086D05C11} - C:\WINDOWS\syszv32.dll O2 - BHO: Class - {70B1A180-F009-3014-DEDC-432095A475AF} - C:\WINDOWS\addze32.dll O2 - BHO: Class - {70B30880-F84D-EE39-FE16-EDB1E1A80F9A} - C:\WINDOWS\system32\iely32.dll O2 - BHO: Class - {70C06EC5-199D-FEF2-7785-6D008B0AC3BA} - C:\WINDOWS\javaau.dll O2 - BHO: Class - {7121259F-441E-E13B-61A6-168C5EC38A14} - C:\WINDOWS\system32\iphd.dll O2 - BHO: Class - {719E6513-D632-2EF9-585A-CBABAA0E69DC} - C:\WINDOWS\cren32.dll O2 - BHO: Class - {72D633DF-F78E-4CB0-8219-60FA41D1EFE7} - C:\WINDOWS\mskk.dll O2 - BHO: Class - {72E2A979-EAEA-2FA7-5086-F53AE6460277} - C:\WINDOWS\sdkcu.dll O2 - BHO: Class - {74573A6C-C0FD-80B4-5489-3A6D60261E63} - C:\WINDOWS\system32\ntqn32.dll O2 - BHO: Class - {7585E61C-CBB8-8C7F-66E0-1C519B9044FA} - C:\WINDOWS\d3dq32.dll O2 - BHO: (no name) - {75D05867-E38D-2939-A8D4-F77D51475C5A} - (no file) O2 - BHO: Class - {78397146-034F-3E67-9127-DD62A91D02AD} - C:\WINDOWS\ipae.dll O2 - BHO: Class - {79062573-086D-5A0F-D7B9-40FCC3638669} - C:\WINDOWS\system32\iptq32.dll O2 - BHO: (no name) - {798A3875-F0CF-E2B2-3196-D55E89CDEF04} - (no file) O2 - BHO: Class - {7B316A9C-6980-991E-D5E2-EDEB4A735241} - C:\WINDOWS\crqw32.dll O2 - BHO: Class - {7B4CB4A8-D1EF-22A5-DC8A-5D41F0137145} - C:\WINDOWS\netvh.dll O2 - BHO: Class - {7C3F5115-13B8-F3E5-3A5F-4F6BD2411BED} - C:\WINDOWS\apiui.dll O2 - BHO: Class - {7C77122B-026F-9791-38EB-B10B289B5B82} - C:\WINDOWS\system32\ipzb.dll O2 - BHO: Class - {7D8E9033-94CD-739D-8A5B-376572E16A8C} - C:\WINDOWS\system32\appte32.dll O2 - BHO: Class - {7E1181D1-3C72-2402-8167-9DC0FB9A9570} - C:\WINDOWS\sysmq32.dll O2 - BHO: Class - {7E138803-B04F-E7FE-F90D-174F78CA6C63} - C:\WINDOWS\apprg32.dll O2 - BHO: Class - {7FD58EC4-B55E-2A44-DFAB-99005B7E4071} - C:\WINDOWS\crpd32.dll O2 - BHO: Class - {80E8BCDE-64B0-C3D0-A6E1-0DA0877E6210} - C:\WINDOWS\system32\winxr32.dll O2 - BHO: Class - {8144B36B-0CAB-4B25-CC47-F48322B3263D} - C:\WINDOWS\apiak32.dll O2 - BHO: Class - {81D25943-2085-D1C4-2F01-1C9877C3D278} - C:\WINDOWS\system32\sdkog.dll O2 - BHO: Class - {81D3418A-9625-4C94-1B9D-02B573A0B877} - C:\WINDOWS\system32\mspz32.dll O2 - BHO: Class - {82288C41-7D9C-ACA6-B1EB-D7DB067AC72B} - C:\WINDOWS\atleh32.dll O2 - BHO: Class - {8258A0E9-18F6-B253-C69A-64B1F4A6E2C8} - C:\WINDOWS\atlwh.dll O2 - BHO: Class - {834B70C4-08A7-7082-A675-EFDC4D348484} - C:\WINDOWS\system32\atlfv32.dll O2 - BHO: Class - {83C08741-7DD6-E1E8-DFFA-D55F3DFD30B7} - C:\WINDOWS\netzy.dll O2 - BHO: Class - {83EBAF80-FDC9-395C-7F4C-6E85D8F3AEC5} - C:\WINDOWS\system32\mscd32.dll O2 - BHO: Class - {8455ADD6-2004-47C2-9816-6F3B875B7CE3} - C:\WINDOWS\system32\crex32.dll O2 - BHO: Class - {84D6A0AA-3EC4-07BA-6550-B79683EEB9B1} - C:\WINDOWS\system32\mswz.dll O2 - BHO: Class - {867653BB-CBDA-5ADF-86A5-ECF1FB3432E2} - C:\WINDOWS\netuz32.dll O2 - BHO: Class - {877B5096-0FB9-2632-5448-A94D5150B850} - C:\WINDOWS\system32\ntrn32.dll O2 - BHO: Class - {877CAAEB-2293-602B-7876-793995AAE631} - C:\WINDOWS\system32\ntfw32.dll O2 - BHO: Class - {88BBF9A8-1EBB-A896-9EFB-F2292B0737CF} - C:\WINDOWS\system32\netsv.dll O2 - BHO: Class - {8A98241B-FE20-D008-805C-5BC0B7C14266} - C:\WINDOWS\system32\mfchp.dll O2 - BHO: Class - {8B82102E-F491-66D2-F758-5BB004FEE44C} - C:\WINDOWS\windd.dll O2 - BHO: Class - {8B9B410F-0A67-22CE-3941-CB77C211A4A9} - C:\WINDOWS\javabp32.dll O2 - BHO: Class - {8C6233B9-0AC4-7DAC-AEB8-897EA23435DD} - C:\WINDOWS\ntzc.dll O2 - BHO: Class - {8C70ABA6-D9B7-D043-9FBD-C653704D8236} - C:\WINDOWS\system32\ipdw.dll O2 - BHO: Class - {8C70E5C4-7966-C457-B59B-A255A3E7EFBC} - C:\WINDOWS\system32\sysoy32.dll O2 - BHO: Class - {8D0585C2-7837-436E-A1A5-25C507937285} - C:\WINDOWS\appwj.dll O2 - BHO: Class - {8D1BAA26-F985-1788-3C2F-DBED986F74EE} - C:\WINDOWS\system32\winju32.dll O2 - BHO: Class - {8ECE1E98-E8BF-1F28-C6BE-4B4F73514849} - C:\WINDOWS\winlt.dll O2 - BHO: Class - {8F25C446-FCA0-E176-9876-4060D9B1BE10} - C:\WINDOWS\javatw.dll O2 - BHO: Class - {8F25DEB8-3391-C994-0370-06E9127B615A} - C:\WINDOWS\system32\addrw32.dll O2 - BHO: Class - {8F847879-40F7-B232-AEC5-D3214B36C965} - C:\WINDOWS\addeq32.dll O2 - BHO: Class - {8F9CE5C4-7A8B-60FC-A8C2-8E61BD61D4BF} - C:\WINDOWS\mfcnj.dll O2 - BHO: Class - {91EF62AC-1515-4102-869D-7CF17FBD48DC} - C:\WINDOWS\atliw32.dll O2 - BHO: Class - {91F6D3FF-75DE-A3F4-BDDB-CEAB798A115F} - C:\WINDOWS\system32\winms.dll O2 - BHO: Class - {927DD87A-66BA-9B9F-0879-783B761C8F50} - C:\WINDOWS\atlum32.dll O2 - BHO: Class - {92B633A3-0AC2-646E-E2D7-D9D8DFA4C0CD} - C:\WINDOWS\iejh32.dll O2 - BHO: Class - {92D83A26-147B-6F87-83E4-B271371785C1} - C:\WINDOWS\appkd32.dll O2 - BHO: Class - {934022E3-4A67-7059-D032-46007A715210} - C:\WINDOWS\system32\mfces.dll O2 - BHO: Class - {9347DCAE-D4C8-BCF3-AEE9-E2B1A1821BA8} - C:\WINDOWS\atlym.dll O2 - BHO: Class - {937347AF-8267-7B4F-C2FD-7C75B9DE0881} - C:\WINDOWS\system32\apimb32.dll O2 - BHO: Class - {94B07238-5DA7-46C7-3E9F-22E42CC1710A} - C:\WINDOWS\netpm.dll O2 - BHO: Class - {964821EA-9370-D325-A9C3-9A9AC811F826} - C:\WINDOWS\system32\javaep.dll O2 - BHO: Class - {964E2124-4EFC-8478-D558-FA3F46CA1604} - C:\WINDOWS\iebb32.dll O2 - BHO: Class - {988C6476-5EA2-E122-57CE-2E4F86D27B58} - C:\WINDOWS\msgc.dll O2 - BHO: Class - {9901B510-5371-56AC-A511-EFC399359401} - C:\WINDOWS\crit.dll O2 - BHO: Class - {99E674B1-BD1C-9AB8-9C0E-C4FB2608BBD6} - C:\WINDOWS\atlzo32.dll O2 - BHO: Class - {9AC98B09-E932-6B01-C983-A8AF24A16D40} - C:\WINDOWS\winzn.dll O2 - BHO: Class - {9B02CB83-DCD2-2DB6-02DC-2D81D1BE1FE7} - C:\WINDOWS\d3mv32.dll O2 - BHO: Class - {9C0B1C11-4B55-F4A7-0E89-A3C089B28991} - C:\WINDOWS\ipmu32.dll O2 - BHO: Class - {9C53B9C2-DA43-9FE8-1CA5-21E8B34F522A} - C:\WINDOWS\system32\ipxp.dll O2 - BHO: Class - {9DE2FBCC-AD05-1958-B77D-913F493B121A} - C:\WINDOWS\system32\netdu32.dll O2 - BHO: Class - {9E6480CF-41D5-ADA6-566E-13AE9287A0CD} - C:\WINDOWS\system32\sdkeh.dll O2 - BHO: Class - {9F8C6736-431A-A80F-7DB3-0D6C8BBD7EA1} - C:\WINDOWS\system32\netxx32.dll O2 - BHO: Class - {A02E347F-8BF6-310A-944E-8F4FF9AA318A} - C:\WINDOWS\system32\iefm32.dll O2 - BHO: Class - {A083F83A-C389-3B89-28F2-94347C2D6EF2} - C:\WINDOWS\system32\javayu.dll O2 - BHO: Class - {A23E343E-58A3-FFA8-2F95-0FE8774232D1} - C:\WINDOWS\javaen32.dll O2 - BHO: Class - {A39786E1-B3F2-5AA0-9792-D30FF78E0B7B} - C:\WINDOWS\atlki32.dll O2 - BHO: Class - {A3D347B5-8D22-1E55-4D3E-C94C91F76762} - C:\WINDOWS\apikr32.dll O2 - BHO: Class - {A40E210D-44F7-33DE-2D6C-292A6520AB82} - C:\WINDOWS\winpr32.dll O2 - BHO: Class - {A5181EB4-FBCD-5B6F-4454-F9FEB6BD85FB} - C:\WINDOWS\system32\ntaj32.dll O2 - BHO: Class - {A5363EEA-80FF-2D9D-B95C-136303CBE2E5} - C:\WINDOWS\system32\iphv.dll O2 - BHO: Class - {A68F3DFF-6D4F-704D-DF3C-C62590315208} - C:\WINDOWS\system32\sysys.dll O2 - BHO: Class - {A743397C-15FF-B350-E883-BF7404029D99} - C:\WINDOWS\system32\nttq32.dll O2 - BHO: Class - {A7595DD0-954D-787A-73FC-769C95DF9F01} - C:\WINDOWS\system32\addwv32.dll O2 - BHO: Class - {A7686D30-B576-3F3B-6990-2E06EB868F7B} - C:\WINDOWS\appgk.dll O2 - BHO: Class - {A87070C2-BB4F-55A2-5375-ABE4322DA8C3} - C:\WINDOWS\system32\d3vg.dll O2 - BHO: Class - {A8F6AA45-4788-6802-0A8B-624FBA5DC8CA} - C:\WINDOWS\system32\syshk32.dll O2 - BHO: Class - {A9593486-C5F0-338D-36D5-AEC2E367709D} - C:\WINDOWS\nethd32.dll O2 - BHO: Class - {A98BEA99-7B4B-FA3E-03F1-10C3D1AE7212} - C:\WINDOWS\system32\winuk.dll O2 - BHO: Class - {AA0B70B4-0585-98FF-591D-792B7C365368} - C:\WINDOWS\mfcqb32.dll O2 - BHO: Class - {AA3DBC87-F177-8D58-138B-069152EFDEAC} - C:\WINDOWS\system32\sysot32.dll O2 - BHO: Class - {AA6F9854-E7A9-2FA2-2605-600B5705C69D} - C:\WINDOWS\ipsb32.dll O2 - BHO: Class - {AAF322C0-53A3-24FC-C5E6-B062F9D982F9} - C:\WINDOWS\mfcma32.dll O2 - BHO: Class - {ABD7967C-3F51-655C-C22D-34A94C9679EE} - C:\WINDOWS\system32\javacr.dll O2 - BHO: Class - {AC2D8F55-4AC6-20AE-E0C0-B85403479114} - C:\WINDOWS\addzs.dll O2 - BHO: Class - {ADCD2861-F951-CBB0-CD36-3C98A6A42196} - C:\WINDOWS\system32\winil32.dll O2 - BHO: Class - {AE845430-3B50-352F-A6D3-21174EDCA037} - C:\WINDOWS\system32\javaix.dll O2 - BHO: Class - {AE9AEB8F-0E7F-D767-F3C7-AF22C0FBA643} - C:\WINDOWS\atleu32.dll O2 - BHO: Class - {AEE963C3-B79E-B7F1-4CBF-657FECF4CE92} - C:\WINDOWS\system32\appin.dll O2 - BHO: Class - {AF21BBF6-248D-FEC6-977C-E433AC049B4A} - C:\WINDOWS\system32\addkd.dll O2 - BHO: Class - {AF24C0CC-264C-C2F6-6BBC-FF4A88C674D6} - C:\WINDOWS\atlmo.dll O2 - BHO: Class - {AF9E4499-5741-2FA8-A50F-64532BF9D788} - C:\WINDOWS\mshz.dll O2 - BHO: Class - {B064CDCC-4563-66B0-0A96-37CF520ADED6} - C:\WINDOWS\system32\winwo32.dll O2 - BHO: Class - {B0957B29-6605-0ACF-0683-0B29FEADFBE3} - C:\WINDOWS\system32\sysds.dll O2 - BHO: Class - {B0FD6320-27E9-F236-D46C-1DBD5BB05BC1} - C:\WINDOWS\system32\apipi.dll O2 - BHO: Class - {B264D484-9FD0-1008-BB3F-897E9586D92D} - C:\WINDOWS\system32\appvv.dll O2 - BHO: Class - {B2D696D0-91BB-1E7F-44BB-A44FB1038DDF} - C:\WINDOWS\sdkio.dll O2 - BHO: Class - {B31A4C19-741A-B567-F0E0-A2C7CDED6BD1} - C:\WINDOWS\system32\mfcjp32.dll O2 - BHO: Class - {B3203551-0B4E-FCF6-9876-7B853EEBCC3F} - C:\WINDOWS\mfcdy.dll O2 - BHO: Class - {B4C91D4F-8735-A88D-E8BE-4D168226F78A} - C:\WINDOWS\system32\d3rf32.dll O2 - BHO: Class - {B5280A99-D3D1-117F-31CD-AB87AE880429} - C:\WINDOWS\crky.dll O2 - BHO: Class - {B538BB10-3165-F984-CC16-9066CAB6B092} - C:\WINDOWS\netsn.dll O2 - BHO: Class - {B58B9B1C-55D9-1746-5D04-4AD3FEBB33BE} - C:\WINDOWS\system32\netvf32.dll O2 - BHO: Class - {B66EAEC2-2CE6-1697-9346-9B1E60E39650} - C:\WINDOWS\system32\msav.dll O2 - BHO: Class - {B75BCD02-ABA7-9B5A-4478-A8AD97904CAC} - C:\WINDOWS\addnh32.dll O2 - BHO: Class - {B796461E-A644-4E39-1933-D7EA1A81BA8E} - C:\WINDOWS\mfcmc.dll O2 - BHO: Class - {B7C5F0FA-A733-E146-85CE-933DC6846D60} - C:\WINDOWS\ieij32.dll O2 - BHO: Class - {B825595B-2058-BCA4-1A37-31A9B58CD033} - C:\WINDOWS\system32\winsp32.dll O2 - BHO: Class - {B877A895-E66D-9B51-2A5E-B2821E0C16B0} - C:\WINDOWS\atlrd32.dll O2 - BHO: Class - {B89B5A4B-A477-CC8D-A74D-8A1989AEEB9C} - C:\WINDOWS\system32\sysjf.dll O2 - BHO: Class - {B9E4D006-7A30-6772-18E7-A2C7B4E14473} - C:\WINDOWS\javads.dll O2 - BHO: Class - {B9FBC1A6-6B9A-7B6E-DE5D-CCFDD33AD068} - C:\WINDOWS\system32\appfl.dll O2 - BHO: Class - {B9FBCC0E-658E-7FF9-97B0-FE0DA15F0299} - C:\WINDOWS\system32\mfcin32.dll O2 - BHO: Class - {BB007F00-66B3-C207-453B-7CE8EDD79624} - C:\WINDOWS\sysqr32.dll O2 - BHO: Class - {BB48572C-295E-5F17-1B6B-3589DA7CAB9B} - C:\WINDOWS\system32\sysox32.dll O2 - BHO: Class - {BB5A0FC4-FCAF-FA07-2E59-B4F763DA2F07} - C:\WINDOWS\system32\sdkwd.dll O2 - BHO: Class - {BBF5E38D-037F-77FE-1BD4-D0175630EF03} - C:\WINDOWS\apitm.dll O2 - BHO: Class - {BC92A8D6-EC15-3C14-13BB-52BEF3DFBFA6} - C:\WINDOWS\mswg32.dll O2 - BHO: Class - {BCC63AE6-D49C-A710-E427-27B59630AB82} - C:\WINDOWS\netbv32.dll O2 - BHO: (no name) - {BD9FC8CA-2B4C-538D-74D9-3F302EFCBC86} - (no file) O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Class - {BE086B08-211D-FFA7-7138-00EA0ABD2480} - C:\WINDOWS\system32\addfo.dll O2 - BHO: Class - {BE109F8B-9C0D-8B9B-9B55-F31A546042B6} - C:\WINDOWS\winoo.dll O2 - BHO: Class - {BE14A955-DD6C-A165-6A81-393FF536A2E2} - C:\WINDOWS\system32\ntbj.dll O2 - BHO: Class - {BFA7FB09-7AC3-95E9-2881-B1966F738029} - C:\WINDOWS\winon32.dll O2 - BHO: Class - {BFAA3D4F-3121-6765-035E-63AE94A824A9} - C:\WINDOWS\msnr32.dll O2 - BHO: Class - {C2CC1826-44AA-2597-F243-7FEE13F6D54D} - C:\WINDOWS\system32\sdkrd.dll O2 - BHO: Class - {C35E61AF-D4CC-C616-D8F0-C6D3B83A1702} - C:\WINDOWS\ntau.dll O2 - BHO: Class - {C388D48F-0D9E-D287-957F-C50854563DE8} - C:\WINDOWS\netxm.dll O2 - BHO: Class - {C3F84830-18F3-1D3D-C769-86D58A213F17} - C:\WINDOWS\apphd32.dll O2 - BHO: Class - {C47E6517-9FEE-B27A-3EA8-BB572B11D25B} - C:\WINDOWS\system32\iehy.dll O2 - BHO: Class - {C5E8FB41-08A4-948D-D9CA-321F51984943} - C:\WINDOWS\system32\apipr32.dll O2 - BHO: Class - {C680FC92-CC8D-3933-941C-DB2ADEAD27D8} - C:\WINDOWS\javasi.dll O2 - BHO: Class - {C682057F-E371-B29A-848C-7D9B32E2DD9C} - C:\WINDOWS\system32\appkm.dll O2 - BHO: Class - {C6A53716-4EDC-CC43-99E1-9DBC615B7F1D} - C:\WINDOWS\system32\ntvd32.dll O2 - BHO: Class - {C71388B9-CAAF-E409-BCE8-33736697C205} - C:\WINDOWS\appyu32.dll O2 - BHO: Class - {C7B0E086-75CE-E71D-0DDA-51166A3A3D0F} - C:\WINDOWS\system32\mfced32.dll O2 - BHO: Class - {C8F47880-52EF-4AA6-8D33-E43E9369AC13} - C:\WINDOWS\system32\ieui.dll O2 - BHO: Class - {C91C2B34-D631-75C3-CD74-32FA1B2B0372} - C:\WINDOWS\system32\addyr32.dll O2 - BHO: Class - {CA212655-5E8E-FD47-2580-32B04CA0E0B7} - C:\WINDOWS\d3qn.dll O2 - BHO: Class - {CA9321F5-9849-30AD-6D1F-008B13CFD1D4} - C:\WINDOWS\ipdd.dll O2 - BHO: Class - {CAEBAB9D-5B6A-D04D-3DF1-1992B30E11BB} - C:\WINDOWS\system32\applx.dll O2 - BHO: Class - {CBAF5FF2-257D-3BA9-7FC4-8176A9916FCD} - C:\WINDOWS\d3vx.dll O2 - BHO: Class - {CBBEC243-B125-F6CB-20B6-4A6446E07C07} - C:\WINDOWS\msci32.dll O2 - BHO: Class - {CBCAC426-4AC6-B6CA-5FEB-39407E41AE7C} - C:\WINDOWS\ieue32.dll O2 - BHO: Class - {CBD77B3F-8090-DD29-E058-34289DE3949A} - C:\WINDOWS\msbu32.dll O2 - BHO: Class - {CC2E5D02-E711-BE07-3647-61D1BB49E8ED} - C:\WINDOWS\atlcx32.dll O2 - BHO: Class - {CC67C393-741E-9B61-DB09-E37FD3F55B9B} - C:\WINDOWS\system32\ntxt32.dll O2 - BHO: Class - {CC8F52DA-21F1-1A00-1DF7-6E14B89A961B} - C:\WINDOWS\system32\apito32.dll O2 - BHO: Class - {CDB321C3-65E6-FD4B-0966-70348178E22A} - C:\WINDOWS\system32\appty32.dll O2 - BHO: Class - {CDCF6DC4-9E36-A15E-5E68-4B01DC737125} - C:\WINDOWS\system32\winys.dll O2 - BHO: Class - {CE4EFCA5-BE39-72B1-86A3-43F1C9A037D4} - C:\WINDOWS\msup.dll O2 - BHO: Class - {CE7A710F-55BC-4498-742A-FEB5AF0058EF} - C:\WINDOWS\system32\crab32.dll O2 - BHO: Class - {CE7F55BB-9429-AC8A-D9FC-39604EE56230} - C:\WINDOWS\ipql32.dll O2 - BHO: Class - {CF3F3E61-9595-B4D3-EC0A-2911D33AF9CA} - C:\WINDOWS\netwx.dll O2 - BHO: Class - {CFBA6A8B-141A-EFF7-2284-53A16D783BE4} - C:\WINDOWS\system32\d3pj32.dll O2 - BHO: Class - {CFC2CF30-BAD3-6B1F-4A72-6F6A8D1F61C6} - C:\WINDOWS\crqs32.dll O2 - BHO: Class - {D010E2E2-A168-789D-9E57-563AC50A66D0} - C:\WINDOWS\ntlb32.dll O2 - BHO: Class - {D1B08BEF-61F3-13A0-6BCC-CB7E58770653} - C:\WINDOWS\netrz32.dll O2 - BHO: Class - {D1DC71DB-95AD-1742-1B05-0653ADF80398} - C:\WINDOWS\sdkcf.dll O2 - BHO: Class - {D1F50E66-9069-E055-C419-5AF69B876F46} - C:\WINDOWS\system32\apicr32.dll O2 - BHO: Class - {D24C63AD-A963-E031-6313-22AD11D24EF1} - C:\WINDOWS\system32\ipgy32.dll O2 - BHO: Class - {D4CB4CF2-3A32-88F6-F529-198F1CBBD1A6} - C:\WINDOWS\javamp.dll O2 - BHO: Class - {D61D1D35-032C-D543-DA97-C2A2B06597AC} - C:\WINDOWS\system32\sdkto.dll O2 - BHO: Class - {D7C24EDA-2656-4823-DC8B-F199CF3E738A} - C:\WINDOWS\system32\d3bg.dll O2 - BHO: Class - {D8017933-B2A5-8733-0290-960149CE4D0D} - C:\WINDOWS\mfclh32.dll O2 - BHO: Class - {D822CDEB-8143-2AA7-E4BB-E2055B7F4CCF} - C:\WINDOWS\system32\ipid32.dll O2 - BHO: Class - {D824CB60-CF53-9F73-1BD8-6286E09FCF52} - C:\WINDOWS\system32\atlpl32.dll O2 - BHO: Class - {D878BBC9-1D4B-1169-6016-5902B7CCFC40} - C:\WINDOWS\system32\sysjl.dll O2 - BHO: Class - {D8F83F56-26F9-C667-A9AA-64C24DF449D6} - C:\WINDOWS\system32\ipql.dll O2 - BHO: Class - {D9E4FCE9-DD60-AD26-B07D-BFB00720C50B} - C:\WINDOWS\system32\ipsr32.dll O2 - BHO: Class - {D9F1ED10-B3DA-B8A9-67B7-86AA485C18AF} - C:\WINDOWS\system32\crkw.dll O2 - BHO: Class - {DA50B851-33CA-06EB-529C-7E0AD96F9CAC} - C:\WINDOWS\atlbn.dll O2 - BHO: Class - {DA69B6C4-9CB8-E5E8-026E-66C0112155F6} - C:\WINDOWS\system32\neton.dll O2 - BHO: Class - {DABFBD59-CC8B-0E4D-60D9-8C44B013EAEF} - C:\WINDOWS\system32\addkn32.dll O2 - BHO: Class - {DBD77B54-39C0-3D05-7A8D-1B1016FA7380} - C:\WINDOWS\system32\ieoh32.dll O2 - BHO: Class - {DC0E40FD-D633-7594-A016-624F4172C934} - C:\WINDOWS\javaku.dll O2 - BHO: Class - {DC42B4BF-AEBD-5A1A-288E-435E8D572F2A} - C:\WINDOWS\system32\syszz32.dll O2 - BHO: Class - {DCA24E10-9BF9-9CE6-DD3F-572B605B86BB} - C:\WINDOWS\system32\atlac32.dll O2 - BHO: Class - {DD27625A-DB28-F315-0405-729F194BD480} - C:\WINDOWS\system32\javati32.dll O2 - BHO: Class - {DD499CA0-63C5-BE6B-7B26-F81AF2321007} - C:\WINDOWS\system32\atlqn.dll O2 - BHO: Class - {DD4E4285-FC77-25C4-758D-88C44D92F004} - C:\WINDOWS\ntew32.dll O2 - BHO: Class - {DD57FEDD-5FE0-0AED-E965-E1FF1402070E} - C:\WINDOWS\system32\crce.dll O2 - BHO: Class - {DD7C6A5A-CDEA-97AD-3B53-18A2321EE6F6} - C:\WINDOWS\criu32.dll O2 - BHO: Class - {DE3AE878-C016-F46D-089A-80B24A7316D7} - C:\WINDOWS\system32\addpv32.dll O2 - BHO: Class - {DE9E19CF-4511-CFDF-5432-EABB6602A7D8} - C:\WINDOWS\system32\ipiq32.dll O2 - BHO: Class - {DED9B197-A97B-8EB4-D4C0-1E70C2D3CFF5} - C:\WINDOWS\system32\sysfd32.dll O2 - BHO: Class - {DF668E96-27EB-767C-CDC7-40ADB11675F2} - C:\WINDOWS\system32\iehr.dll O2 - BHO: Class - {DFD60C9F-2B34-B4BD-B915-227AB606A962} - C:\WINDOWS\ntrk.dll O2 - BHO: Class - {E04B2E72-AF5D-42B4-27C2-1DFBEB4A9650} - C:\WINDOWS\ipad.dll O2 - BHO: Class - {E04CC398-6D86-A823-890A-29F8D27B4B0A} - C:\WINDOWS\netod32.dll O2 - BHO: Class - {E07D9064-AD32-E4F4-6A8B-A5DBD4D56770} - C:\WINDOWS\system32\javain32.dll O2 - BHO: Class - {E0B3C0A8-3E9A-3AAB-F740-EFF74FBA6985} - C:\WINDOWS\ipkd32.dll O2 - BHO: Class - {E14797E4-9E5E-0402-9342-8ED990B9E13F} - C:\WINDOWS\system32\mfcnw32.dll O2 - BHO: Class - {E15E1E91-0FD3-9AEB-0959-00933AADA0C4} - C:\WINDOWS\system32\addqf32.dll O2 - BHO: Class - {E16A73BF-9FF9-43CE-8578-8DF8D3508388} - C:\WINDOWS\system32\sdkax32.dll O2 - BHO: Class - {E2440651-7FE0-4276-6917-766C9FA742A6} - C:\WINDOWS\system32\sdkon32.dll O2 - BHO: Class - {E2E6C0E2-FA3A-8992-181C-3BA9E7ED6D56} - C:\WINDOWS\mfcqi32.dll O2 - BHO: Class - {E2F0712F-9E43-CF54-86D0-C0E27572FBE1} - C:\WINDOWS\system32\crvu32.dll O2 - BHO: Class - {E44D3492-E63F-A52F-8235-06D2B331C92A} - C:\WINDOWS\system32\appnb32.dll O2 - BHO: Class - {E558C92A-26ED-983A-0F8B-64C91ED05AE9} - C:\WINDOWS\javadc.dll O2 - BHO: Class - {E57CF4E2-608E-1F55-6A8B-10D3B7AD07E2} - C:\WINDOWS\system32\sysre32.dll O2 - BHO: Class - {E58BBC7E-7207-D1BE-CE98-6CC37B27883D} - C:\WINDOWS\system32\d3cj32.dll O2 - BHO: Class - {E5AC69B4-006E-2FF7-BB25-3C43062AD4EF} - C:\WINDOWS\mfczj32.dll O2 - BHO: Class - {E5F0C91D-B125-C770-69FE-FB3428702538} - C:\WINDOWS\system32\sysnv.dll O2 - BHO: Class - {E60D7284-3090-534F-5C3A-08BCBA772F9C} - C:\WINDOWS\system32\netld.dll O2 - BHO: Class - {E616513A-40E1-2657-5238-EAF908483D9A} - C:\WINDOWS\system32\sysim32.dll O2 - BHO: Class - {E686FA0B-6D47-10E4-FC7D-A620410395A5} - C:\WINDOWS\system32\mfcjs.dll O2 - BHO: Class - {E85DB2A8-73A7-0E64-0B9F-3B3DF072FE21} - C:\WINDOWS\system32\sysum32.dll O2 - BHO: Class - {E8B2A684-D6D8-C5EA-F174-952A69CDEAD1} - C:\WINDOWS\system32\apidg.dll O2 - BHO: Class - {EA197903-5454-DCA0-1431-906504E5199D} - C:\WINDOWS\system32\msjw32.dll O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - C:\WINDOWS\ntrz32.dll O2 - BHO: Class - {EB3F1F3A-312D-1F0B-BE12-33935E41A208} - C:\WINDOWS\system32\atlnq32.dll O2 - BHO: Class - {EB53464A-65A2-9AA0-C376-11ADD5428232} - C:\WINDOWS\appeb.dll O2 - BHO: Class - {EB619721-7FA1-13F4-FCC7-F7910CF00AC8} - C:\WINDOWS\system32\addaj32.dll O2 - BHO: Class - {EB6F84A8-01F1-4D7E-CBCE-4B02B1BB0094} - C:\WINDOWS\system32\nthz32.dll O2 - BHO: Class - {EB875E59-D1A2-BEDD-B6E0-01204A789601} - C:\WINDOWS\system32\crko32.dll O2 - BHO: Class - {EBA74261-7CAA-F270-26F4-4E2A669761D1} - C:\WINDOWS\ntne.dll O2 - BHO: Class - {EBB58D88-B4D1-648E-CB8F-D10EF01B83E5} - C:\WINDOWS\system32\addhm.dll O2 - BHO: Class - {EC0BF822-7720-175B-2901-9FA68F761D30} - C:\WINDOWS\d3op.dll O2 - BHO: Class - {EDD6C5EA-5F3E-7B1D-A3D0-9E3A169E6444} - C:\WINDOWS\systb.dll (file missing) O2 - BHO: Class - {EF4B1BBF-9691-E915-81F6-F75B7DD313AA} - C:\WINDOWS\ieva32.dll O2 - BHO: Class - {EF56697C-5109-5395-6FE2-E92AAFF48176} - C:\WINDOWS\mfcwk32.dll O2 - BHO: Class - {EFD32CB9-039B-2B11-A357-D6D56A398537} - C:\WINDOWS\appqz32.dll O2 - BHO: Class - {EFD4E5E6-F6FA-35B8-21D0-795BD90D0719} - C:\WINDOWS\javakd32.dll O2 - BHO: Class - {EFEBB260-C21E-967D-CA15-0C1770C3C5C5} - C:\WINDOWS\mfcsd.dll O2 - BHO: Class - {F1895589-F7BC-679C-6B28-F8543FF20375} - C:\WINDOWS\d3lq32.dll O2 - BHO: Class - {F1EB7ABF-6A20-18CA-0717-32A5D07D7B75} - C:\WINDOWS\appap32.dll O2 - BHO: Class - {F20341B7-4D4B-5B61-38C8-74F9630B49F0} - C:\WINDOWS\system32\winkc32.dll O2 - BHO: Class - {F20ED84C-D847-D6C7-F794-2ED9DCB4B4D1} - C:\WINDOWS\javapa.dll O2 - BHO: Class - {F3A0E4F7-5A26-16D7-F285-82AF755C81E0} - C:\WINDOWS\system32\netjj32.dll O2 - BHO: Class - {F3E960E4-F8DE-2718-D510-335C5E2FEB9F} - C:\WINDOWS\d3zu32.dll O2 - BHO: Class - {F45672AA-5BCB-168F-8F4C-4B17FD2623E8} - C:\WINDOWS\msmf.dll O2 - BHO: Class - {F46FA47B-6291-D27B-D125-BCEEBB49E346} - C:\WINDOWS\ierw.dll O2 - BHO: Class - {F4A41C9A-A713-9C96-601E-1966003429F8} - C:\WINDOWS\addiu.dll O2 - BHO: Class - {F52A683D-86BC-5DC9-8231-5370AB157678} - C:\WINDOWS\system32\ipti.dll O2 - BHO: Class - {F5593432-5366-0A96-4CF5-94D4D166B10C} - C:\WINDOWS\system32\d3wz.dll O2 - BHO: Class - {F62510CB-ED83-E3EF-9E28-73519F1B7A0C} - C:\WINDOWS\d3ft32.dll O2 - BHO: Class - {F69AC43F-54FB-0910-EFEE-6455168C3713} - C:\WINDOWS\ipxm.dll O2 - BHO: Class - {F6CB920B-A4A6-46E0-C07F-F02819E65389} - C:\WINDOWS\winka32.dll O2 - BHO: Class - {F6F49380-F6BB-3D04-920B-C960D86C67BC} - C:\WINDOWS\addve32.dll O2 - BHO: Class - {F72B1F16-5DA1-0CE7-8A46-761D0FBCADC7} - C:\WINDOWS\system32\netpz32.dll O2 - BHO: Class - {F74D5213-8A18-F9CF-E487-AA203A37CEB8} - C:\WINDOWS\system32\addwf.dll O2 - BHO: Class - {F822BF6C-BD82-883D-1146-288575F3091D} - C:\WINDOWS\system32\winiw.dll O2 - BHO: Class - {F82406AA-AA26-0FEF-2943-600622AB7AB5} - C:\WINDOWS\iesd.dll O2 - BHO: Class - {F8F78A55-0101-C0E3-D286-3EADE0CB6313} - C:\WINDOWS\addgz32.dll O2 - BHO: Class - {F9D982F9-B035-9FE7-9252-71E960E1F3E5} - C:\WINDOWS\system32\neteq.dll O2 - BHO: Class - {FAA44DA8-BC87-EAF8-DE08-0B6C7CABB256} - C:\WINDOWS\sdkuv.dll O2 - BHO: Class - {FB9C0E2C-9054-C0EA-4D57-F9CCE6487636} - C:\WINDOWS\system32\ipau.dll O2 - BHO: Class - {FBC1B2FF-838B-6257-27F0-2FD318F49B54} - C:\WINDOWS\system32\appwg.dll O2 - BHO: Class - {FBF77D9B-CA17-A517-257C-C38A16C5AD4F} - C:\WINDOWS\mfcae32.dll O2 - BHO: Class - {FC5F4FD2-9814-9658-709F-821EB79F97AB} - C:\WINDOWS\javatk.dll O2 - BHO: Class - {FC69783B-05C2-F77D-6E0B-9055DEF49D6C} - C:\WINDOWS\system32\sysef32.dll O2 - BHO: Class - {FC72CC24-F754-BD19-FD0E-852C1775E57D} - C:\WINDOWS\system32\netox32.dll O2 - BHO: Class - {FC933F3B-F61C-174E-C6CD-8A9A8ECDD4A8} - C:\WINDOWS\winrc.dll O2 - BHO: Class - {FD33DF99-7965-02B4-4056-996478BCDA14} - C:\WINDOWS\ntfp.dll O2 - BHO: (no name) - {FD4A74BF-5712-24E2-4DA7-6711D4FD291B} - (no file) O2 - BHO: Class - {FE3D33D0-958B-2C94-A4A8-DB4A4566ED06} - C:\WINDOWS\system32\ieto32.dll O2 - BHO: Class - {FF3F0D99-BB3D-8567-11A3-BD77E0658DEA} - C:\WINDOWS\atlze32.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [winwx.exe] C:\WINDOWS\system32\winwx.exe O4 - HKLM\..\Run: [ntge.exe] C:\WINDOWS\ntge.exe O4 - HKLM\..\Run: [d3az.exe] C:\WINDOWS\system32\d3az.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab'>http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Remote Procedure Call (RPC) Helper ( 11F
  24. i took a screen shot of what ihave and what it does. it does appear to be version 6 as i dl'd this 2-3 days ago,but anyways this is what came up as i did the scan again..looks like where getting somewhere on this pesky cws garbage...thanks guys i hope i did this right...im no good at doin the stuff u tell me to do but im tryin please tell me if i didnt do it right(i think i did). i hope this it what ur looking for
  25. here is my log file u wanted to see.yes the error message is what i said it was(exact) Logfile of HijackThis v1.99.1 Scan saved at 7:48:30 PM, on 1/23/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\winwx.exe C:\WINDOWS\System32\ctfmon.exe C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe C:\Program Files\EarthLink TotalAccess\TaskPanl.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\system32\ieab32.exe C:\Program Files\MSN\MSNCoreFiles\msn.exe C:\WINDOWS\System32\rsvp.exe C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchv.com/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049 R3 - Default URLSearchHook is missing O2 - BHO: Class - {014A827D-E04B-4100-86CC-AA5FBCB8F577} - C:\WINDOWS\system32\ntoz.dll O2 - BHO: Class - {0291E910-8D54-4FA6-C81D-D18ED280B289} - C:\WINDOWS\apius32.dll O2 - BHO: Class - {04D536A8-BE6C-6283-AD25-18CADEF98984} - C:\WINDOWS\sysdw32.dll O2 - BHO: Class - {058C9936-6D60-53AB-C6A6-BABA8EDE5F00} - C:\WINDOWS\system32\winnh.dll O2 - BHO: Class - {05F3C50C-D53F-D6BC-9065-2ABB3092A8D0} - C:\WINDOWS\ipsd.dll O2 - BHO: Class - {05F3F3D2-8BFA-C735-FCDF-D4BD8418D325} - C:\WINDOWS\wincd32.dll O2 - BHO: Class - {06197E31-50B6-4043-D6C9-8E70AAB849E5} - C:\WINDOWS\system32\windh.dll O2 - BHO: Class - {065A3DF4-4253-B880-16A3-75DA427DD453} - C:\WINDOWS\wintz.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Class - {07AC6A37-E15F-F543-A739-15DB1285B61A} - C:\WINDOWS\system32\mstv.dll O2 - BHO: Class - {07D83F1A-3A3D-EF25-F957-DCA0DCC72ABC} - C:\WINDOWS\sdkss32.dll O2 - BHO: Class - {07E2FBBF-C64A-1972-227E-82FA4861EB78} - C:\WINDOWS\apias.dll O2 - BHO: Class - {07E66B38-1367-7DC0-FD3C-CA1BFBA6BCC7} - C:\WINDOWS\system32\atlyd.dll O2 - BHO: Class - {083A00C1-8BB2-5BD6-D3E8-27ADF3D597CA} - C:\WINDOWS\msmk.dll O2 - BHO: Class - {08B062B7-0572-9CCE-27F2-A318B78A3677} - C:\WINDOWS\ntxm32.dll O2 - BHO: Class - {094C8CED-58C8-2CD1-5207-27C140FB0531} - C:\WINDOWS\ieqe32.dll O2 - BHO: Class - {094EDED8-1F6C-995C-6754-A544D7EA188B} - C:\WINDOWS\system32\crbr32.dll O2 - BHO: Class - {0A8D0092-6F79-27C0-3B9C-D542A7FC6907} - C:\WINDOWS\system32\javalr32.dll O2 - BHO: Class - {0B01EADD-4EEA-1744-7321-45BB28A5E86A} - C:\WINDOWS\system32\javabq32.dll O2 - BHO: Class - {0CAEDEE2-8F3E-F86F-35DC-CDEAAE346249} - C:\WINDOWS\crvc.dll O2 - BHO: Class - {0DFE18F1-8279-20AE-4CC5-10CB30FF50DA} - C:\WINDOWS\appul32.dll O2 - BHO: Class - {0E07F1CC-6044-9AB8-86B3-B33F53CA4787} - C:\WINDOWS\javaph.dll O2 - BHO: Class - {0E3BEE03-C426-F488-CA26-D938932339AC} - C:\WINDOWS\system32\ntqt.dll O2 - BHO: Class - {0F0E061E-FA0C-0C44-F0D9-0E0C21180458} - C:\WINDOWS\mfcnb.dll O2 - BHO: Class - {0FCDFA68-74F9-605A-8029-180E50A9964A} - C:\WINDOWS\system32\netai.dll O2 - BHO: Class - {102D7ADF-B1F2-150B-DD47-0D7AE8ECDFE0} - C:\WINDOWS\javabo.dll O2 - BHO: Class - {10FF78CB-D256-A957-AA38-C09CAEAA3E70} - C:\WINDOWS\system32\mfcgx.dll O2 - BHO: Class - {116B5897-9869-1B77-3DC7-646F9CB58D2B} - C:\WINDOWS\system32\msrn32.dll O2 - BHO: Class - {11BE3648-39DF-4A8F-2B7F-AF543F3C21DF} - C:\WINDOWS\sysmx32.dll O2 - BHO: Class - {11BEC0B9-C370-4820-FE14-3C42B32E0875} - C:\WINDOWS\system32\apitx.dll O2 - BHO: Class - {124EC0E5-C940-3ED0-1241-6B1E7CF1D1E8} - C:\WINDOWS\d3xq.dll O2 - BHO: Class - {1323364A-6290-C22E-760E-ABFCF4445116} - C:\WINDOWS\system32\iehq32.dll O2 - BHO: Class - {13B77FE1-9911-A0C2-1D01-61CA21EAEB83} - C:\WINDOWS\system32\addbt.dll O2 - BHO: Class - {13C3D1A3-A53A-6BFB-F6CA-8FA7292FE0F0} - C:\WINDOWS\sdkzj.dll O2 - BHO: Class - {14882629-ECB5-DB2D-9FF8-D87930DD6A0A} - C:\WINDOWS\iefb32.dll O2 - BHO: Class - {153707B5-D0ED-A171-CBB3-87B9E1296513} - C:\WINDOWS\atlwb32.dll O2 - BHO: Class - {1546F4A6-423F-7B55-1F30-B621C06F5D69} - C:\WINDOWS\system32\d3bu32.dll O2 - BHO: Class - {1676763F-15C3-F5F2-9C0B-0631705661ED} - C:\WINDOWS\ntng32.dll O2 - BHO: Class - {16A67573-5153-0344-B04A-BF8F43B5057F} - C:\WINDOWS\sdkql.dll O2 - BHO: Class - {16B25743-B02B-E5F0-F1AE-94D196232E38} - C:\WINDOWS\winkl.dll O2 - BHO: Class - {16BD821E-5751-423E-4850-6CC5D07FECD8} - C:\WINDOWS\winfc32.dll O2 - BHO: Class - {16D601F6-E41B-1A0C-95AA-2EF05F7C37EE} - C:\WINDOWS\system32\appze.dll O2 - BHO: Class - {17094FC7-F985-CD03-CB64-049B61C2C70E} - C:\WINDOWS\system32\addcg.dll O2 - BHO: Class - {1713182A-5092-DD29-01DB-F0D69793396C} - C:\WINDOWS\addco.dll O2 - BHO: Class - {1760E281-B7CE-24A2-166B-0B9F9BB7B8A9} - C:\WINDOWS\system32\netpc32.dll O2 - BHO: Class - {17A1BA50-1F42-91DF-8D52-9482601397EF} - C:\WINDOWS\apigp32.dll O2 - BHO: Class - {18C9B52B-7151-9593-8427-72C86515DCDE} - C:\WINDOWS\appcb.dll O2 - BHO: Class - {1A828816-226B-81EE-2E66-CFEBA8E97E2F} - C:\WINDOWS\apibh32.dll O2 - BHO: Class - {1AF1C718-5A24-D7BB-592A-F2291195734F} - C:\WINDOWS\appbe32.dll O2 - BHO: Class - {1B7649CB-3BCF-46D5-F4A7-39AEAE5625AB} - C:\WINDOWS\crzn.dll O2 - BHO: Class - {1B849856-C2B0-C16F-7AA2-AF1A44A6BEDA} - C:\WINDOWS\system32\ipma32.dll O2 - BHO: Class - {1B9CCCD9-3DA0-5E43-A4CE-924A8F49CC0F} - C:\WINDOWS\system32\iexs.dll O2 - BHO: Class - {1DF846A3-16F9-BEC1-05D0-31207FD24B28} - C:\WINDOWS\system32\javaxu32.dll O2 - BHO: Class - {1E94F949-F3F0-5C64-038A-53C68D35F288} - C:\WINDOWS\system32\javalr.dll O2 - BHO: Class - {1EB77D8F-DC5A-7E55-59FC-844CAE64FC70} - C:\WINDOWS\syslm.dll O2 - BHO: Class - {1EDBFE12-619A-B05D-D81A-42593402A991} - C:\WINDOWS\appsh.dll O2 - BHO: Class - {1F1A3DD0-5DB3-08D8-FE9F-CB49DA5EFA2E} - C:\WINDOWS\system32\syspu.dll O2 - BHO: Class - {1F7B837E-CC0C-8A77-DD3C-43144BEFEB4B} - C:\WINDOWS\d3nm32.dll O2 - BHO: Class - {1F8E709E-AEC3-AC71-0350-66348A990C05} - C:\WINDOWS\system32\msps.dll O2 - BHO: Class - {204BFD00-8711-E685-9059-B543F47899E1} - C:\WINDOWS\system32\d3tx32.dll O2 - BHO: Class - {2067DEDB-34F7-9CC4-7353-3E1E927B32A3} - C:\WINDOWS\system32\d3lc32.dll O2 - BHO: Class - {22A99D53-6CB9-33A5-DED6-D04F5F0F1AE8} - C:\WINDOWS\system32\d3nm32.dll O2 - BHO: Class - {22B1BD81-78EF-C72F-0793-EFF78ED6B103} - C:\WINDOWS\system32\javalf.dll O2 - BHO: Class - {2345C8ED-802B-A5E6-4EE8-68E9D4825903} - C:\WINDOWS\iedl.dll O2 - BHO: Class - {23DA50CE-1A25-2F1D-13E6-38C10B86A8F2} - C:\WINDOWS\appug32.dll O2 - BHO: Class - {23E29B01-78ED-B227-C0D9-7F01F2621B9A} - C:\WINDOWS\system32\addbd32.dll O2 - BHO: Class - {24BE1459-795A-5BA6-B9B1-DC1A2D1652EF} - C:\WINDOWS\system32\winmg.dll O2 - BHO: Class - {25058AE5-5371-3EC0-9CB9-B7B2AE83A00A} - C:\WINDOWS\system32\crmn.dll O2 - BHO: Class - {259EE5B9-79F9-788C-1426-7B4E6B1A0211} - C:\WINDOWS\addic32.dll O2 - BHO: Class - {28223167-A6CC-2F8F-758F-1F424FBB380E} - C:\WINDOWS\system32\mfcyi.dll O2 - BHO: Class - {28FF0DAA-6EDD-259A-83C4-EADDF15D72AD} - C:\WINDOWS\system32\mfcbl32.dll O2 - BHO: Class - {29FC66BD-3EA4-3F16-0ABF-93515F25ED12} - C:\WINDOWS\winjx32.dll O2 - BHO: Class - {2A37058B-D1BB-61D1-21BA-B7A66036D544} - C:\WINDOWS\appkg32.dll O2 - BHO: Class - {2A696067-2ABB-2ABE-9CCF-E895A174E181} - C:\WINDOWS\wintm.dll O2 - BHO: Class - {2AD24B66-877B-347B-4D3D-73A13C8BB2CB} - C:\WINDOWS\netdg.dll O2 - BHO: Class - {2ADD1D56-2534-91AF-C52E-680B595C6999} - C:\WINDOWS\system32\ierm32.dll O2 - BHO: Class - {2CE88230-1C35-89B5-88A0-B07ACA0B401D} - C:\WINDOWS\system32\ntjf.dll O2 - BHO: Class - {2CEB755B-6BCC-9879-D315-A49FBFA75BD7} - C:\WINDOWS\ntux.dll O2 - BHO: Class - {2CFF8F86-4117-E570-DCB8-49CE5BB1B815} - C:\WINDOWS\apijn32.dll O2 - BHO: Class - {2D83144A-96F5-FD55-350C-BB36CBABB8B2} - C:\WINDOWS\system32\msyf.dll O2 - BHO: Class - {2D9A5F30-BB39-3C3B-1DB0-A4572E5E7077} - C:\WINDOWS\ipot32.dll O2 - BHO: Class - {2E5DB345-70C0-FF98-D20F-C69A65169900} - C:\WINDOWS\system32\mfclq32.dll O2 - BHO: Class - {2EDD9108-F5D8-936A-8F9A-116CB847DCC0} - C:\WINDOWS\d3mx32.dll O2 - BHO: Class - {2F1C51B0-AC7F-A18C-6486-8BD910B563C3} - C:\WINDOWS\system32\sdktf32.dll O2 - BHO: Class - {2F7660FB-0CEA-4B11-A8C5-3175CFDBA441} - C:\WINDOWS\system32\windj32.dll O2 - BHO: Class - {2FA6B0AE-AAE8-9CDC-8004-516B1C672B52} - C:\WINDOWS\appqi32.dll O2 - BHO: Class - {2FCA3DE0-0928-B4AD-0D83-44697B4D7A24} - C:\WINDOWS\atlyc32.dll O2 - BHO: Class - {300881BB-DD69-DBCB-AE92-B05A3E8707E1} - C:\WINDOWS\iewo.dll O2 - BHO: Class - {309B0370-9499-BD83-5B63-522A8DC7EFD4} - C:\WINDOWS\system32\ntmi.dll O2 - BHO: Class - {30B92BEE-1F2E-CDB3-9958-2877E3A478BF} - C:\WINDOWS\ipwf32.dll O2 - BHO: Class - {30C15F1B-B902-8769-7E97-07B632351674} - C:\WINDOWS\netza.dll O2 - BHO: Class - {3202B39B-A35B-BCEE-9DB0-68ED2C239785} - C:\WINDOWS\system32\crfq.dll O2 - BHO: Class - {32647596-213A-8327-EDB5-24A45C5C5E36} - C:\WINDOWS\sdkig.dll O2 - BHO: Class - {32D819AE-5E1D-5524-783B-C8993083716B} - C:\WINDOWS\winwr.dll O2 - BHO: Class - {33AC10E4-94BE-C3D0-855D-41F27DCEDD3D} - C:\WINDOWS\system32\msma.dll O2 - BHO: Class - {33EC6E43-4826-94FA-3A03-B94290B62B85} - C:\WINDOWS\iehb.dll O2 - BHO: Class - {34563B77-50A7-B32B-750C-907E592AD1F7} - C:\WINDOWS\system32\ntiw.dll O2 - BHO: Class - {3487A0E4-207B-E09F-81B8-A8EDBD853E83} - C:\WINDOWS\mfchd32.dll O2 - BHO: Class - {3585FF78-2F11-FF4A-2596-1DF8EA166C87} - C:\WINDOWS\system32\javayr32.dll O2 - BHO: Class - {36CC50DE-E932-3435-B11B-709E3AFE8849} - C:\WINDOWS\sdkfz.dll O2 - BHO: Class - {3712D7D0-9565-F99D-D800-6036A77E45C4} - C:\WINDOWS\crdy32.dll O2 - BHO: Class - {38270C16-6F54-81A1-B343-987591F9FF85} - C:\WINDOWS\system32\iexa32.dll O2 - BHO: Class - {38683242-D589-5595-2821-3BE52429FEC3} - C:\WINDOWS\system32\appks32.dll O2 - BHO: Class - {38A13BE2-44E2-8EAD-D101-458EB7B89D67} - C:\WINDOWS\system32\javadg32.dll O2 - BHO: Class - {38EB7DA0-52FB-AADA-9FBF-2A397DD19AA1} - C:\WINDOWS\system32\crln32.dll O2 - BHO: Class - {3ADF6BD5-30EF-8D1D-8D7D-3A0CDCC2FD01} - C:\WINDOWS\system32\appxc.dll O2 - BHO: Class - {3AEAD8F8-7409-2055-D03F-1E630CC0A5B8} - C:\WINDOWS\winot.dll O2 - BHO: Class - {3AF46D2B-238E-2C0A-6C63-109D3CE5E7C0} - C:\WINDOWS\addsz32.dll O2 - BHO: Class - {3AF61C43-088F-A3C6-4312-3AB906276F3A} - C:\WINDOWS\system32\winfu.dll O2 - BHO: Class - {3BA5C516-2E23-6854-9EFC-21E89FEB7C2E} - C:\WINDOWS\system32\mspl.dll O2 - BHO: Class - {3BB31146-3116-E523-81A1-39DC94BD27E5} - C:\WINDOWS\system32\appdm32.dll O2 - BHO: Class - {3BD916EE-69B6-9D47-6347-D97C3BA97F02} - C:\WINDOWS\system32\mfcam32.dll O2 - BHO: Class - {3C69B1A3-D6E3-9B58-A742-1A46F3BDB7CE} - C:\WINDOWS\winqw.dll O2 - BHO: Class - {3C73D315-DD9F-9F82-0398-D2936B2878B2} - C:\WINDOWS\ntfs32.dll O2 - BHO: Class - {3C7FB04E-255B-74C8-0E5F-D8E57CAAC3BC} - C:\WINDOWS\apphf32.dll O2 - BHO: Class - {3D2ACA16-3F1C-BF97-6524-0F7072E1E895} - C:\WINDOWS\netnx32.dll O2 - BHO: Class - {3D983ED1-97AB-F11D-D545-3A47F28CC430} - C:\WINDOWS\system32\winuq.dll O2 - BHO: Class - {3E8EDD63-7719-B595-1F25-C50F23DBF99D} - C:\WINDOWS\system32\javakb32.dll O2 - BHO: Class - {40430AEB-7146-EE85-0D82-B57E2A8F44A9} - C:\WINDOWS\addwr.dll O2 - BHO: Class - {4089564D-FCC7-C2D7-9F2A-ED05B543E8CA} - C:\WINDOWS\system32\sysfa32.dll O2 - BHO: Class - {4097E29E-2A74-3EEA-7090-0E73AF19AC3E} - C:\WINDOWS\apiri32.dll O2 - BHO: Class - {4249913F-B87B-5BCB-BDAC-0E589CD03682} - C:\WINDOWS\system32\appkx32.dll O2 - BHO: Class - {42874627-68BA-AD3E-2E5A-AF9C92CF61D3} - C:\WINDOWS\system32\ieov32.dll O2 - BHO: Class - {42B28786-0E2F-6823-286D-BA74F50C3A0D} - C:\WINDOWS\addww32.dll O2 - BHO: Class - {42B6D2AA-FC71-B406-F3BA-1E0D9D759441} - C:\WINDOWS\apphf.dll O2 - BHO: Class - {43544B19-A240-DF9B-5CE9-9DC02154188E} - C:\WINDOWS\system32\d3bt32.dll O2 - BHO: Class - {4407E807-267B-A3CE-F228-77149FA4302C} - C:\WINDOWS\system32\sysex.dll O2 - BHO: Class - {4478A40E-095C-9113-16CA-AAE4FCB0841A} - C:\WINDOWS\netyz32.dll O2 - BHO: Class - {44D83962-1E60-044C-50E1-DCC0B1C6B08C} - C:\WINDOWS\atlop32.dll O2 - BHO: Class - {45723711-8D3F-C8F9-24E0-F252B24B3148} - C:\WINDOWS\sdkau.dll O2 - BHO: Class - {45BF02B3-6F53-F516-CA0B-8B10C0085204} - C:\WINDOWS\apigq32.dll O2 - BHO: Class - {460072CA-8C43-F205-2195-C713F1949B30} - C:\WINDOWS\javasu32.dll O2 - BHO: Class - {46030852-EC50-153A-66BC-0BAEA8CBC16A} - C:\WINDOWS\system32\msjb.dll O2 - BHO: Class - {469875BB-BC3F-507E-B350-021484557DB4} - C:\WINDOWS\system32\d3nj32.dll O2 - BHO: Class - {477DF9B4-C171-F601-74D6-D3697B4B1E8B} - C:\WINDOWS\addct32.dll O2 - BHO: Class - {48604E09-168D-FEB9-0B26-5518D029DA95} - C:\WINDOWS\system32\ipxh.dll O2 - BHO: Class - {4861F239-22C4-39AD-0E05-069E210E1F47} - C:\WINDOWS\javani.dll O2 - BHO: Class - {4A6CF2F7-DDDD-2A8C-FF62-94A72AA7954F} - C:\WINDOWS\appja32.dll O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O2 - BHO: Class - {4B898F0F-81A2-A0FB-5F4C-37100AC2D624} - C:\WINDOWS\system32\d3ew32.dll O2 - BHO: Class - {4C97FF57-707D-49B6-2CBA-7996791E6202} - C:\WINDOWS\netdt32.dll O2 - BHO: Class - {4CB86D61-970D-C338-7AD0-8B13C488150E} - C:\WINDOWS\sdkcd32.dll O2 - BHO: Class - {4CC0A8A4-E4C5-6742-27C3-C153BB6598A6} - C:\WINDOWS\ippg32.dll O2 - BHO: Class - {4D55F1A8-55DA-AA1A-83F6-E4407B24CCE5} - C:\WINDOWS\system32\ipdb.dll O2 - BHO: Class - {4D77B656-3929-8E8D-2C15-42407E685FFA} - C:\WINDOWS\crlh32.dll O2 - BHO: Class - {4DB64B88-0933-55E1-5343-261A238D2B60} - C:\WINDOWS\ntfk32.dll O2 - BHO: Class - {4EC3A22A-5434-CC1A-4E91-B9094044E2D6} - C:\WINDOWS\system32\ipmm.dll O2 - BHO: Class - {4EF173C7-37FB-764C-4EE2-D86CB880FB29} - C:\WINDOWS\sysmy32.dll O2 - BHO: Class - {4EFEDBE3-55DF-655C-7684-265961EDD697} - C:\WINDOWS\javaci32.dll O2 - BHO: Class - {4F5D7708-5CE8-F0D7-D1F2-50B7B257B1EF} - C:\WINDOWS\javats.dll O2 - BHO: Class - {50AA68D1-B792-9F1D-0E5A-E28E5958CC5B} - C:\WINDOWS\system32\mfcse32.dll O2 - BHO: Class - {50B7CF0C-8AE5-BB42-E622-CE649815FF71} - C:\WINDOWS\system32\atlvo.dll O2 - BHO: Class - {50D98177-3925-757E-8E92-625565712438} - C:\WINDOWS\d3ce.dll O2 - BHO: Class - {510C09CC-B06A-EFC8-2E17-38F386848F3E} - C:\WINDOWS\crud32.dll O2 - BHO: Class - {5169D876-4C97-5087-3456-0DCBB0716BC9} - C:\WINDOWS\iezy32.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Class - {5395C6CC-9119-AA2E-B008-2D31A543B883} - C:\WINDOWS\system32\atlia.dll O2 - BHO: Class - {539B572E-7B0F-7CC3-9352-C94BF984726F} - C:\WINDOWS\apikl.dll O2 - BHO: Class - {54255AC2-2B7F-9119-713D-1BFBB01E8BCD} - C:\WINDOWS\nethy.dll O2 - BHO: Class - {54D0E15D-04E1-F4B0-9D57-9A826010E6AA} - C:\WINDOWS\ipkl.dll O2 - BHO: Class - {55AC4EE7-4B4F-A677-88EE-C19AD29C7B4D} - C:\WINDOWS\system32\iedk32.dll O2 - BHO: Class - {55E7FCAD-77C1-35FF-8206-D7405C6CDFAB} - C:\WINDOWS\ippb32.dll O2 - BHO: Class - {5624FB2A-5E7E-C67B-2C18-0AAF52EEFBB0} - C:\WINDOWS\ipun32.dll O2 - BHO: Class - {565744A1-C652-BC19-4230-289DA72A989C} - C:\WINDOWS\netur32.dll O2 - BHO: Class - {572A44A6-4945-DA71-B13F-066F8EC29E66} - C:\WINDOWS\appex.dll O2 - BHO: Class - {5732A44D-F6D6-76F6-4E92-2027907B8818} - C:\WINDOWS\system32\d3bo.dll O2 - BHO: Class - {574F5154-24C8-7C08-5A89-1EF0CC0ABB65} - C:\WINDOWS\system32\ntwj.dll O2 - BHO: Class - {5994FD3E-5FC2-9A72-EE68-06292ACBFC71} - C:\WINDOWS\system32\ntqw32.dll O2 - BHO: Class - {5BE76740-FD01-49B4-5ABA-AA49D68044EF} - C:\WINDOWS\sdklr.dll O2 - BHO: Class - {5C145150-DD6C-53BA-84AE-224D696D255B} - C:\WINDOWS\ntej32.dll O2 - BHO: Class - {5C2283D1-61C9-9337-3709-169AA24C7206} - C:\WINDOWS\system32\sysjx.dll O2 - BHO: Class - {5C74F9CB-19A6-7A1A-EAF6-EB84A7061D05} - C:\WINDOWS\system32\mfcpy.dll O2 - BHO: Class - {5E709357-9905-BEDE-6228-649AC8CA2565} - C:\WINDOWS\system32\d3sd32.dll O2 - BHO: (no name) - {5E7FFA99-C5C0-6BFA-DA44-8A9DB0AE94FD} - (no file) O2 - BHO: Class - {604368E9-EA0B-0E3E-E1F2-50F1DD1F7690} - C:\WINDOWS\system32\mfcan.dll O2 - BHO: Class - {610207BA-E8D7-9260-B756-291184C1BFB4} - C:\WINDOWS\ieqy32.dll O2 - BHO: Class - {61675AEA-0AAC-FB29-2A8B-E712314B4A52} - C:\WINDOWS\system32\msxv.dll O2 - BHO: Class - {61BB595D-A6B2-4293-216F-8317630E1849} - C:\WINDOWS\system32\crwi.dll O2 - BHO: Class - {6248255C-2322-395B-0A66-A5455141BD55} - C:\WINDOWS\system32\sdkfe32.dll O2 - BHO: Class - {628389AE-FDE9-F181-ABB4-DB08BD5345BC} - C:\WINDOWS\d3ph.dll O2 - BHO: Class - {6292CB7C-CAEA-9541-226F-1C73897C3C39} - C:\WINDOWS\d3ki.dll O2 - BHO: Class - {629FEEBC-8D1F-BA64-26C3-686D45062880} - C:\WINDOWS\system32\cryp.dll O2 - BHO: Class - {630B5448-88BA-594C-A5C4-16A53B83F0F9} - C:\WINDOWS\system32\ipqh32.dll O2 - BHO: Class - {6469535C-868D-78CB-87BD-9BF74E0AEB7A} - C:\WINDOWS\system32\addsz.dll O2 - BHO: Class - {646D843D-7CDF-78F8-2D9D-391E871C2089} - C:\WINDOWS\iplz.dll O2 - BHO: Class - {646F2028-8431-3C1F-122B-739B5643F144} - C:\WINDOWS\system32\apptc32.dll O2 - BHO: Class - {646F6A47-24D0-2033-3709-4F9D79ED6FC9} - C:\WINDOWS\atlqm.dll O2 - BHO: Class - {64ACBCED-4C70-32ED-5E7C-6D6EFEDA085F} - C:\WINDOWS\mfcvq32.dll O2 - BHO: Class - {64CA0FC6-5085-C447-8988-25C5AC6CDBBE} - C:\WINDOWS\system32\netuu32.dll O2 - BHO: Class - {651DA460-C8D1-926D-7E35-8258A39BB7C2} - C:\WINDOWS\atldp32.dll O2 - BHO: Class - {652D4929-5C76-94A9-0C3D-31460592C199} - C:\WINDOWS\system32\winbk.dll O2 - BHO: Class - {6565FF3C-2255-1708-8543-85E668E94D6C} - C:\WINDOWS\system32\apimc32.dll O2 - BHO: Class - {66E7A648-A2D0-B506-715E-8D564D8364C2} - C:\WINDOWS\system32\netma32.dll O2 - BHO: Class - {6736D543-9459-D61F-8FA7-A53653949C0D} - C:\WINDOWS\netbr32.dll O2 - BHO: Class - {681772EF-1514-33C7-0408-B8771F24D4CB} - C:\WINDOWS\d3ed.dll O2 - BHO: Class - {683DA086-8E62-5396-D4EF-2401FF58EB59} - C:\WINDOWS\system32\ipxf.dll O2 - BHO: Class - {69848259-E5F3-2574-2AEE-41BB1DBD3EAC} - C:\WINDOWS\msap32.dll O2 - BHO: Class - {69A8069F-CE5E-4765-8040-82403FEC3895} - C:\WINDOWS\system32\netln32.dll O2 - BHO: Class - {69A989AD-BFBB-9324-846E-194CABCE649B} - C:\WINDOWS\system32\ntob32.dll O2 - BHO: Class - {69C0535E-8F6B-1482-8F80-DF6B338BFBF8} - C:\WINDOWS\system32\crlw32.dll O2 - BHO: Class - {6A9A98A4-1733-141A-04B1-536A43E5A00C} - C:\WINDOWS\netdc.dll O2 - BHO: Class - {6AA3715D-405C-076E-8F16-52A674C871DB} - C:\WINDOWS\system32\addlc32.dll O2 - BHO: Class - {6AA46007-7E40-353F-4B29-4EB589B6027B} - C:\WINDOWS\ntwi32.dll O2 - BHO: Class - {6B2E69E2-80CF-0FCD-2529-005B76F6EB87} - C:\WINDOWS\system32\msxa32.dll O2 - BHO: Class - {6BEF21ED-FE12-619A-B05D-D81A14259340} - C:\WINDOWS\atlax32.dll O2 - BHO: Class - {6BFB4F8E-42B3-1853-FED2-0CE716BE6757} - C:\WINDOWS\system32\d3by.dll O2 - BHO: Class - {6D5086FD-B70A-A21D-970A-511772E1A75C} - C:\WINDOWS\creb32.dll O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysnk.dll O2 - BHO: Class - {6F3DF768-3C51-2FC4-8417-FD3009EF0F08} - C:\WINDOWS\netpb32.dll O2 - BHO: Class - {6F80CE58-E9EF-47A6-EE09-D515FF3D4D49} - C:\WINDOWS\sdklh.dll O2 - BHO: Class - {6F99DB7E-CFDF-18F9-0B84-6D52A771173C} - C:\WINDOWS\system32\sdkie32.dll O2 - BHO: Class - {6FBFD571-083B-0404-2CF4-4D02FE84655B} - C:\WINDOWS\system32\ntus.dll O2 - BHO: Class - {70337B1D-11EA-9346-27AA-F77086D05C11} - C:\WINDOWS\syszv32.dll O2 - BHO: Class - {70B1A180-F009-3014-DEDC-432095A475AF} - C:\WINDOWS\addze32.dll O2 - BHO: Class - {70B30880-F84D-EE39-FE16-EDB1E1A80F9A} - C:\WINDOWS\system32\iely32.dll O2 - BHO: Class - {70C06EC5-199D-FEF2-7785-6D008B0AC3BA} - C:\WINDOWS\javaau.dll O2 - BHO: Class - {7121259F-441E-E13B-61A6-168C5EC38A14} - C:\WINDOWS\system32\iphd.dll O2 - BHO: Class - {719E6513-D632-2EF9-585A-CBABAA0E69DC} - C:\WINDOWS\cren32.dll O2 - BHO: Class - {72D633DF-F78E-4CB0-8219-60FA41D1EFE7} - C:\WINDOWS\mskk.dll O2 - BHO: Class - {72E2A979-EAEA-2FA7-5086-F53AE6460277} - C:\WINDOWS\sdkcu.dll O2 - BHO: Class - {74573A6C-C0FD-80B4-5489-3A6D60261E63} - C:\WINDOWS\system32\ntqn32.dll O2 - BHO: Class - {7585E61C-CBB8-8C7F-66E0-1C519B9044FA} - C:\WINDOWS\d3dq32.dll O2 - BHO: (no name) - {75D05867-E38D-2939-A8D4-F77D51475C5A} - (no file) O2 - BHO: Class - {78397146-034F-3E67-9127-DD62A91D02AD} - C:\WINDOWS\ipae.dll O2 - BHO: Class - {79062573-086D-5A0F-D7B9-40FCC3638669} - C:\WINDOWS\system32\iptq32.dll O2 - BHO: (no name) - {798A3875-F0CF-E2B2-3196-D55E89CDEF04} - (no file) O2 - BHO: Class - {7B316A9C-6980-991E-D5E2-EDEB4A735241} - C:\WINDOWS\crqw32.dll O2 - BHO: Class - {7B4CB4A8-D1EF-22A5-DC8A-5D41F0137145} - C:\WINDOWS\netvh.dll O2 - BHO: Class - {7C3F5115-13B8-F3E5-3A5F-4F6BD2411BED} - C:\WINDOWS\apiui.dll O2 - BHO: Class - {7C77122B-026F-9791-38EB-B10B289B5B82} - C:\WINDOWS\system32\ipzb.dll O2 - BHO: Class - {7D8E9033-94CD-739D-8A5B-376572E16A8C} - C:\WINDOWS\system32\appte32.dll O2 - BHO: Class - {7E1181D1-3C72-2402-8167-9DC0FB9A9570} - C:\WINDOWS\sysmq32.dll O2 - BHO: Class - {7E138803-B04F-E7FE-F90D-174F78CA6C63} - C:\WINDOWS\apprg32.dll O2 - BHO: Class - {7FD58EC4-B55E-2A44-DFAB-99005B7E4071} - C:\WINDOWS\crpd32.dll O2 - BHO: Class - {80E8BCDE-64B0-C3D0-A6E1-0DA0877E6210} - C:\WINDOWS\system32\winxr32.dll O2 - BHO: Class - {8144B36B-0CAB-4B25-CC47-F48322B3263D} - C:\WINDOWS\apiak32.dll O2 - BHO: Class - {81D25943-2085-D1C4-2F01-1C9877C3D278} - C:\WINDOWS\system32\sdkog.dll O2 - BHO: Class - {81D3418A-9625-4C94-1B9D-02B573A0B877} - C:\WINDOWS\system32\mspz32.dll O2 - BHO: Class - {82288C41-7D9C-ACA6-B1EB-D7DB067AC72B} - C:\WINDOWS\atleh32.dll O2 - BHO: Class - {8258A0E9-18F6-B253-C69A-64B1F4A6E2C8} - C:\WINDOWS\atlwh.dll O2 - BHO: Class - {834B70C4-08A7-7082-A675-EFDC4D348484} - C:\WINDOWS\system32\atlfv32.dll O2 - BHO: Class - {83C08741-7DD6-E1E8-DFFA-D55F3DFD30B7} - C:\WINDOWS\netzy.dll O2 - BHO: Class - {83EBAF80-FDC9-395C-7F4C-6E85D8F3AEC5} - C:\WINDOWS\system32\mscd32.dll O2 - BHO: Class - {8455ADD6-2004-47C2-9816-6F3B875B7CE3} - C:\WINDOWS\system32\crex32.dll O2 - BHO: Class - {84D6A0AA-3EC4-07BA-6550-B79683EEB9B1} - C:\WINDOWS\system32\mswz.dll O2 - BHO: Class - {867653BB-CBDA-5ADF-86A5-ECF1FB3432E2} - C:\WINDOWS\netuz32.dll O2 - BHO: Class - {877B5096-0FB9-2632-5448-A94D5150B850} - C:\WINDOWS\system32\ntrn32.dll O2 - BHO: Class - {877CAAEB-2293-602B-7876-793995AAE631} - C:\WINDOWS\system32\ntfw32.dll O2 - BHO: Class - {88BBF9A8-1EBB-A896-9EFB-F2292B0737CF} - C:\WINDOWS\system32\netsv.dll O2 - BHO: Class - {8A98241B-FE20-D008-805C-5BC0B7C14266} - C:\WINDOWS\system32\mfchp.dll O2 - BHO: Class - {8B82102E-F491-66D2-F758-5BB004FEE44C} - C:\WINDOWS\windd.dll O2 - BHO: Class - {8B9B410F-0A67-22CE-3941-CB77C211A4A9} - C:\WINDOWS\javabp32.dll O2 - BHO: Class - {8C6233B9-0AC4-7DAC-AEB8-897EA23435DD} - C:\WINDOWS\ntzc.dll O2 - BHO: Class - {8C70ABA6-D9B7-D043-9FBD-C653704D8236} - C:\WINDOWS\system32\ipdw.dll O2 - BHO: Class - {8C70E5C4-7966-C457-B59B-A255A3E7EFBC} - C:\WINDOWS\system32\sysoy32.dll O2 - BHO: Class - {8D0585C2-7837-436E-A1A5-25C507937285} - C:\WINDOWS\appwj.dll O2 - BHO: Class - {8D1BAA26-F985-1788-3C2F-DBED986F74EE} - C:\WINDOWS\system32\winju32.dll O2 - BHO: Class - {8ECE1E98-E8BF-1F28-C6BE-4B4F73514849} - C:\WINDOWS\winlt.dll O2 - BHO: Class - {8F25C446-FCA0-E176-9876-4060D9B1BE10} - C:\WINDOWS\javatw.dll O2 - BHO: Class - {8F25DEB8-3391-C994-0370-06E9127B615A} - C:\WINDOWS\system32\addrw32.dll O2 - BHO: Class - {8F847879-40F7-B232-AEC5-D3214B36C965} - C:\WINDOWS\addeq32.dll O2 - BHO: Class - {8F9CE5C4-7A8B-60FC-A8C2-8E61BD61D4BF} - C:\WINDOWS\mfcnj.dll O2 - BHO: Class - {91EF62AC-1515-4102-869D-7CF17FBD48DC} - C:\WINDOWS\atliw32.dll O2 - BHO: Class - {91F6D3FF-75DE-A3F4-BDDB-CEAB798A115F} - C:\WINDOWS\system32\winms.dll O2 - BHO: Class - {927DD87A-66BA-9B9F-0879-783B761C8F50} - C:\WINDOWS\atlum32.dll O2 - BHO: Class - {92B633A3-0AC2-646E-E2D7-D9D8DFA4C0CD} - C:\WINDOWS\iejh32.dll O2 - BHO: Class - {92D83A26-147B-6F87-83E4-B271371785C1} - C:\WINDOWS\appkd32.dll O2 - BHO: Class - {934022E3-4A67-7059-D032-46007A715210} - C:\WINDOWS\system32\mfces.dll O2 - BHO: Class - {9347DCAE-D4C8-BCF3-AEE9-E2B1A1821BA8} - C:\WINDOWS\atlym.dll O2 - BHO: Class - {937347AF-8267-7B4F-C2FD-7C75B9DE0881} - C:\WINDOWS\system32\apimb32.dll O2 - BHO: Class - {94B07238-5DA7-46C7-3E9F-22E42CC1710A} - C:\WINDOWS\netpm.dll O2 - BHO: Class - {964821EA-9370-D325-A9C3-9A9AC811F826} - C:\WINDOWS\system32\javaep.dll O2 - BHO: Class - {964E2124-4EFC-8478-D558-FA3F46CA1604} - C:\WINDOWS\iebb32.dll O2 - BHO: Class - {988C6476-5EA2-E122-57CE-2E4F86D27B58} - C:\WINDOWS\msgc.dll O2 - BHO: Class - {9901B510-5371-56AC-A511-EFC399359401} - C:\WINDOWS\crit.dll O2 - BHO: Class - {99E674B1-BD1C-9AB8-9C0E-C4FB2608BBD6} - C:\WINDOWS\atlzo32.dll O2 - BHO: Class - {9AC98B09-E932-6B01-C983-A8AF24A16D40} - C:\WINDOWS\winzn.dll O2 - BHO: Class - {9B02CB83-DCD2-2DB6-02DC-2D81D1BE1FE7} - C:\WINDOWS\d3mv32.dll O2 - BHO: Class - {9C0B1C11-4B55-F4A7-0E89-A3C089B28991} - C:\WINDOWS\ipmu32.dll O2 - BHO: Class - {9C53B9C2-DA43-9FE8-1CA5-21E8B34F522A} - C:\WINDOWS\system32\ipxp.dll O2 - BHO: Class - {9DE2FBCC-AD05-1958-B77D-913F493B121A} - C:\WINDOWS\system32\netdu32.dll O2 - BHO: Class - {9E6480CF-41D5-ADA6-566E-13AE9287A0CD} - C:\WINDOWS\system32\sdkeh.dll O2 - BHO: Class - {9F8C6736-431A-A80F-7DB3-0D6C8BBD7EA1} - C:\WINDOWS\system32\netxx32.dll O2 - BHO: Class - {A02E347F-8BF6-310A-944E-8F4FF9AA318A} - C:\WINDOWS\system32\iefm32.dll O2 - BHO: Class - {A083F83A-C389-3B89-28F2-94347C2D6EF2} - C:\WINDOWS\system32\javayu.dll O2 - BHO: Class - {A23E343E-58A3-FFA8-2F95-0FE8774232D1} - C:\WINDOWS\javaen32.dll O2 - BHO: Class - {A39786E1-B3F2-5AA0-9792-D30FF78E0B7B} - C:\WINDOWS\atlki32.dll O2 - BHO: Class - {A3D347B5-8D22-1E55-4D3E-C94C91F76762} - C:\WINDOWS\apikr32.dll O2 - BHO: Class - {A40E210D-44F7-33DE-2D6C-292A6520AB82} - C:\WINDOWS\winpr32.dll O2 - BHO: Class - {A5181EB4-FBCD-5B6F-4454-F9FEB6BD85FB} - C:\WINDOWS\system32\ntaj32.dll O2 - BHO: Class - {A5363EEA-80FF-2D9D-B95C-136303CBE2E5} - C:\WINDOWS\system32\iphv.dll O2 - BHO: Class - {A68F3DFF-6D4F-704D-DF3C-C62590315208} - C:\WINDOWS\system32\sysys.dll O2 - BHO: Class - {A743397C-15FF-B350-E883-BF7404029D99} - C:\WINDOWS\system32\nttq32.dll O2 - BHO: Class - {A7595DD0-954D-787A-73FC-769C95DF9F01} - C:\WINDOWS\system32\addwv32.dll O2 - BHO: Class - {A7686D30-B576-3F3B-6990-2E06EB868F7B} - C:\WINDOWS\appgk.dll O2 - BHO: Class - {A87070C2-BB4F-55A2-5375-ABE4322DA8C3} - C:\WINDOWS\system32\d3vg.dll O2 - BHO: Class - {A8F6AA45-4788-6802-0A8B-624FBA5DC8CA} - C:\WINDOWS\system32\syshk32.dll O2 - BHO: Class - {A9593486-C5F0-338D-36D5-AEC2E367709D} - C:\WINDOWS\nethd32.dll O2 - BHO: Class - {A98BEA99-7B4B-FA3E-03F1-10C3D1AE7212} - C:\WINDOWS\system32\winuk.dll O2 - BHO: Class - {AA0B70B4-0585-98FF-591D-792B7C365368} - C:\WINDOWS\mfcqb32.dll O2 - BHO: Class - {AA3DBC87-F177-8D58-138B-069152EFDEAC} - C:\WINDOWS\system32\sysot32.dll O2 - BHO: Class - {AA6F9854-E7A9-2FA2-2605-600B5705C69D} - C:\WINDOWS\ipsb32.dll O2 - BHO: Class - {AAF322C0-53A3-24FC-C5E6-B062F9D982F9} - C:\WINDOWS\mfcma32.dll O2 - BHO: Class - {ABD7967C-3F51-655C-C22D-34A94C9679EE} - C:\WINDOWS\system32\javacr.dll O2 - BHO: Class - {AC2D8F55-4AC6-20AE-E0C0-B85403479114} - C:\WINDOWS\addzs.dll O2 - BHO: Class - {ADCD2861-F951-CBB0-CD36-3C98A6A42196} - C:\WINDOWS\system32\winil32.dll O2 - BHO: Class - {AE845430-3B50-352F-A6D3-21174EDCA037} - C:\WINDOWS\system32\javaix.dll O2 - BHO: Class - {AE9AEB8F-0E7F-D767-F3C7-AF22C0FBA643} - C:\WINDOWS\atleu32.dll O2 - BHO: Class - {AEE963C3-B79E-B7F1-4CBF-657FECF4CE92} - C:\WINDOWS\system32\appin.dll O2 - BHO: Class - {AF21BBF6-248D-FEC6-977C-E433AC049B4A} - C:\WINDOWS\system32\addkd.dll O2 - BHO: Class - {AF24C0CC-264C-C2F6-6BBC-FF4A88C674D6} - C:\WINDOWS\atlmo.dll O2 - BHO: Class - {AF9E4499-5741-2FA8-A50F-64532BF9D788} - C:\WINDOWS\mshz.dll O2 - BHO: Class - {B064CDCC-4563-66B0-0A96-37CF520ADED6} - C:\WINDOWS\system32\winwo32.dll O2 - BHO: Class - {B0957B29-6605-0ACF-0683-0B29FEADFBE3} - C:\WINDOWS\system32\sysds.dll O2 - BHO: Class - {B0FD6320-27E9-F236-D46C-1DBD5BB05BC1} - C:\WINDOWS\system32\apipi.dll O2 - BHO: Class - {B264D484-9FD0-1008-BB3F-897E9586D92D} - C:\WINDOWS\system32\appvv.dll O2 - BHO: Class - {B2D696D0-91BB-1E7F-44BB-A44FB1038DDF} - C:\WINDOWS\sdkio.dll O2 - BHO: Class - {B31A4C19-741A-B567-F0E0-A2C7CDED6BD1} - C:\WINDOWS\system32\mfcjp32.dll O2 - BHO: Class - {B3203551-0B4E-FCF6-9876-7B853EEBCC3F} - C:\WINDOWS\mfcdy.dll O2 - BHO: Class - {B4C91D4F-8735-A88D-E8BE-4D168226F78A} - C:\WINDOWS\system32\d3rf32.dll O2 - BHO: Class - {B5280A99-D3D1-117F-31CD-AB87AE880429} - C:\WINDOWS\crky.dll O2 - BHO: Class - {B538BB10-3165-F984-CC16-9066CAB6B092} - C:\WINDOWS\netsn.dll O2 - BHO: Class - {B58B9B1C-55D9-1746-5D04-4AD3FEBB33BE} - C:\WINDOWS\system32\netvf32.dll O2 - BHO: Class - {B66EAEC2-2CE6-1697-9346-9B1E60E39650} - C:\WINDOWS\system32\msav.dll O2 - BHO: Class - {B75BCD02-ABA7-9B5A-4478-A8AD97904CAC} - C:\WINDOWS\addnh32.dll O2 - BHO: Class - {B796461E-A644-4E39-1933-D7EA1A81BA8E} - C:\WINDOWS\mfcmc.dll O2 - BHO: Class - {B7C5F0FA-A733-E146-85CE-933DC6846D60} - C:\WINDOWS\ieij32.dll O2 - BHO: Class - {B825595B-2058-BCA4-1A37-31A9B58CD033} - C:\WINDOWS\system32\winsp32.dll O2 - BHO: Class - {B877A895-E66D-9B51-2A5E-B2821E0C16B0} - C:\WINDOWS\atlrd32.dll O2 - BHO: Class - {B89B5A4B-A477-CC8D-A74D-8A1989AEEB9C} - C:\WINDOWS\system32\sysjf.dll O2 - BHO: Class - {B9E4D006-7A30-6772-18E7-A2C7B4E14473} - C:\WINDOWS\javads.dll O2 - BHO: Class - {B9FBC1A6-6B9A-7B6E-DE5D-CCFDD33AD068} - C:\WINDOWS\system32\appfl.dll O2 - BHO: Class - {B9FBCC0E-658E-7FF9-97B0-FE0DA15F0299} - C:\WINDOWS\system32\mfcin32.dll O2 - BHO: Class - {BB007F00-66B3-C207-453B-7CE8EDD79624} - C:\WINDOWS\sysqr32.dll O2 - BHO: Class - {BB48572C-295E-5F17-1B6B-3589DA7CAB9B} - C:\WINDOWS\system32\sysox32.dll O2 - BHO: Class - {BB5A0FC4-FCAF-FA07-2E59-B4F763DA2F07} - C:\WINDOWS\system32\sdkwd.dll O2 - BHO: Class - {BBF5E38D-037F-77FE-1BD4-D0175630EF03} - C:\WINDOWS\apitm.dll O2 - BHO: Class - {BC92A8D6-EC15-3C14-13BB-52BEF3DFBFA6} - C:\WINDOWS\mswg32.dll O2 - BHO: Class - {BCC63AE6-D49C-A710-E427-27B59630AB82} - C:\WINDOWS\netbv32.dll O2 - BHO: (no name) - {BD9FC8CA-2B4C-538D-74D9-3F302EFCBC86} - (no file) O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Class - {BE086B08-211D-FFA7-7138-00EA0ABD2480} - C:\WINDOWS\system32\addfo.dll O2 - BHO: Class - {BE109F8B-9C0D-8B9B-9B55-F31A546042B6} - C:\WINDOWS\winoo.dll O2 - BHO: Class - {BE14A955-DD6C-A165-6A81-393FF536A2E2} - C:\WINDOWS\system32\ntbj.dll O2 - BHO: Class - {BFA7FB09-7AC3-95E9-2881-B1966F738029} - C:\WINDOWS\winon32.dll O2 - BHO: Class - {BFAA3D4F-3121-6765-035E-63AE94A824A9} - C:\WINDOWS\msnr32.dll O2 - BHO: Class - {C2CC1826-44AA-2597-F243-7FEE13F6D54D} - C:\WINDOWS\system32\sdkrd.dll O2 - BHO: Class - {C35E61AF-D4CC-C616-D8F0-C6D3B83A1702} - C:\WINDOWS\ntau.dll O2 - BHO: Class - {C388D48F-0D9E-D287-957F-C50854563DE8} - C:\WINDOWS\netxm.dll O2 - BHO: Class - {C3F84830-18F3-1D3D-C769-86D58A213F17} - C:\WINDOWS\apphd32.dll O2 - BHO: Class - {C47E6517-9FEE-B27A-3EA8-BB572B11D25B} - C:\WINDOWS\system32\iehy.dll O2 - BHO: Class - {C5E8FB41-08A4-948D-D9CA-321F51984943} - C:\WINDOWS\system32\apipr32.dll O2 - BHO: Class - {C680FC92-CC8D-3933-941C-DB2ADEAD27D8} - C:\WINDOWS\javasi.dll O2 - BHO: Class - {C682057F-E371-B29A-848C-7D9B32E2DD9C} - C:\WINDOWS\system32\appkm.dll O2 - BHO: Class - {C6A53716-4EDC-CC43-99E1-9DBC615B7F1D} - C:\WINDOWS\system32\ntvd32.dll O2 - BHO: Class - {C71388B9-CAAF-E409-BCE8-33736697C205} - C:\WINDOWS\appyu32.dll O2 - BHO: Class - {C7B0E086-75CE-E71D-0DDA-51166A3A3D0F} - C:\WINDOWS\system32\mfced32.dll O2 - BHO: Class - {C8F47880-52EF-4AA6-8D33-E43E9369AC13} - C:\WINDOWS\system32\ieui.dll O2 - BHO: Class - {C91C2B34-D631-75C3-CD74-32FA1B2B0372} - C:\WINDOWS\system32\addyr32.dll O2 - BHO: Class - {CA212655-5E8E-FD47-2580-32B04CA0E0B7} - C:\WINDOWS\d3qn.dll O2 - BHO: Class - {CA9321F5-9849-30AD-6D1F-008B13CFD1D4} - C:\WINDOWS\ipdd.dll O2 - BHO: Class - {CAEBAB9D-5B6A-D04D-3DF1-1992B30E11BB} - C:\WINDOWS\system32\applx.dll O2 - BHO: Class - {CBAF5FF2-257D-3BA9-7FC4-8176A9916FCD} - C:\WINDOWS\d3vx.dll O2 - BHO: Class - {CBBEC243-B125-F6CB-20B6-4A6446E07C07} - C:\WINDOWS\msci32.dll O2 - BHO: Class - {CBCAC426-4AC6-B6CA-5FEB-39407E41AE7C} - C:\WINDOWS\ieue32.dll O2 - BHO: Class - {CBD77B3F-8090-DD29-E058-34289DE3949A} - C:\WINDOWS\msbu32.dll O2 - BHO: Class - {CC2E5D02-E711-BE07-3647-61D1BB49E8ED} - C:\WINDOWS\atlcx32.dll O2 - BHO: Class - {CC67C393-741E-9B61-DB09-E37FD3F55B9B} - C:\WINDOWS\system32\ntxt32.dll O2 - BHO: Class - {CC8F52DA-21F1-1A00-1DF7-6E14B89A961B} - C:\WINDOWS\system32\apito32.dll O2 - BHO: Class - {CDB321C3-65E6-FD4B-0966-70348178E22A} - C:\WINDOWS\system32\appty32.dll O2 - BHO: Class - {CDCF6DC4-9E36-A15E-5E68-4B01DC737125} - C:\WINDOWS\system32\winys.dll O2 - BHO: Class - {CE4EFCA5-BE39-72B1-86A3-43F1C9A037D4} - C:\WINDOWS\msup.dll O2 - BHO: Class - {CE7A710F-55BC-4498-742A-FEB5AF0058EF} - C:\WINDOWS\system32\crab32.dll O2 - BHO: Class - {CE7F55BB-9429-AC8A-D9FC-39604EE56230} - C:\WINDOWS\ipql32.dll O2 - BHO: Class - {CF3F3E61-9595-B4D3-EC0A-2911D33AF9CA} - C:\WINDOWS\netwx.dll O2 - BHO: Class - {CFBA6A8B-141A-EFF7-2284-53A16D783BE4} - C:\WINDOWS\system32\d3pj32.dll O2 - BHO: Class - {CFC2CF30-BAD3-6B1F-4A72-6F6A8D1F61C6} - C:\WINDOWS\crqs32.dll O2 - BHO: Class - {D010E2E2-A168-789D-9E57-563AC50A66D0} - C:\WINDOWS\ntlb32.dll O2 - BHO: Class - {D1B08BEF-61F3-13A0-6BCC-CB7E58770653} - C:\WINDOWS\netrz32.dll O2 - BHO: Class - {D1DC71DB-95AD-1742-1B05-0653ADF80398} - C:\WINDOWS\sdkcf.dll O2 - BHO: Class - {D1F50E66-9069-E055-C419-5AF69B876F46} - C:\WINDOWS\system32\apicr32.dll O2 - BHO: Class - {D24C63AD-A963-E031-6313-22AD11D24EF1} - C:\WINDOWS\system32\ipgy32.dll O2 - BHO: Class - {D4CB4CF2-3A32-88F6-F529-198F1CBBD1A6} - C:\WINDOWS\javamp.dll O2 - BHO: Class - {D61D1D35-032C-D543-DA97-C2A2B06597AC} - C:\WINDOWS\system32\sdkto.dll O2 - BHO: Class - {D7C24EDA-2656-4823-DC8B-F199CF3E738A} - C:\WINDOWS\system32\d3bg.dll O2 - BHO: Class - {D8017933-B2A5-8733-0290-960149CE4D0D} - C:\WINDOWS\mfclh32.dll O2 - BHO: Class - {D822CDEB-8143-2AA7-E4BB-E2055B7F4CCF} - C:\WINDOWS\system32\ipid32.dll O2 - BHO: Class - {D824CB60-CF53-9F73-1BD8-6286E09FCF52} - C:\WINDOWS\system32\atlpl32.dll O2 - BHO: Class - {D878BBC9-1D4B-1169-6016-5902B7CCFC40} - C:\WINDOWS\system32\sysjl.dll O2 - BHO: Class - {D8F83F56-26F9-C667-A9AA-64C24DF449D6} - C:\WINDOWS\system32\ipql.dll O2 - BHO: Class - {D9E4FCE9-DD60-AD26-B07D-BFB00720C50B} - C:\WINDOWS\system32\ipsr32.dll O2 - BHO: Class - {D9F1ED10-B3DA-B8A9-67B7-86AA485C18AF} - C:\WINDOWS\system32\crkw.dll O2 - BHO: Class - {DA50B851-33CA-06EB-529C-7E0AD96F9CAC} - C:\WINDOWS\atlbn.dll O2 - BHO: Class - {DA69B6C4-9CB8-E5E8-026E-66C0112155F6} - C:\WINDOWS\system32\neton.dll O2 - BHO: Class - {DABFBD59-CC8B-0E4D-60D9-8C44B013EAEF} - C:\WINDOWS\system32\addkn32.dll O2 - BHO: Class - {DBD77B54-39C0-3D05-7A8D-1B1016FA7380} - C:\WINDOWS\system32\ieoh32.dll O2 - BHO: Class - {DC0E40FD-D633-7594-A016-624F4172C934} - C:\WINDOWS\javaku.dll O2 - BHO: Class - {DC42B4BF-AEBD-5A1A-288E-435E8D572F2A} - C:\WINDOWS\system32\syszz32.dll O2 - BHO: Class - {DCA24E10-9BF9-9CE6-DD3F-572B605B86BB} - C:\WINDOWS\system32\atlac32.dll O2 - BHO: Class - {DD27625A-DB28-F315-0405-729F194BD480} - C:\WINDOWS\system32\javati32.dll O2 - BHO: Class - {DD499CA0-63C5-BE6B-7B26-F81AF2321007} - C:\WINDOWS\system32\atlqn.dll O2 - BHO: Class - {DD4E4285-FC77-25C4-758D-88C44D92F004} - C:\WINDOWS\ntew32.dll O2 - BHO: Class - {DD57FEDD-5FE0-0AED-E965-E1FF1402070E} - C:\WINDOWS\system32\crce.dll O2 - BHO: Class - {DD7C6A5A-CDEA-97AD-3B53-18A2321EE6F6} - C:\WINDOWS\criu32.dll O2 - BHO: Class - {DE3AE878-C016-F46D-089A-80B24A7316D7} - C:\WINDOWS\system32\addpv32.dll O2 - BHO: Class - {DE9E19CF-4511-CFDF-5432-EABB6602A7D8} - C:\WINDOWS\system32\ipiq32.dll O2 - BHO: Class - {DED9B197-A97B-8EB4-D4C0-1E70C2D3CFF5} - C:\WINDOWS\system32\sysfd32.dll O2 - BHO: Class - {DF668E96-27EB-767C-CDC7-40ADB11675F2} - C:\WINDOWS\system32\iehr.dll O2 - BHO: Class - {DFD60C9F-2B34-B4BD-B915-227AB606A962} - C:\WINDOWS\ntrk.dll O2 - BHO: Class - {E04B2E72-AF5D-42B4-27C2-1DFBEB4A9650} - C:\WINDOWS\ipad.dll O2 - BHO: Class - {E04CC398-6D86-A823-890A-29F8D27B4B0A} - C:\WINDOWS\netod32.dll O2 - BHO: Class - {E07D9064-AD32-E4F4-6A8B-A5DBD4D56770} - C:\WINDOWS\system32\javain32.dll O2 - BHO: Class - {E0B3C0A8-3E9A-3AAB-F740-EFF74FBA6985} - C:\WINDOWS\ipkd32.dll O2 - BHO: Class - {E14797E4-9E5E-0402-9342-8ED990B9E13F} - C:\WINDOWS\system32\mfcnw32.dll O2 - BHO: Class - {E15E1E91-0FD3-9AEB-0959-00933AADA0C4} - C:\WINDOWS\system32\addqf32.dll O2 - BHO: Class - {E16A73BF-9FF9-43CE-8578-8DF8D3508388} - C:\WINDOWS\system32\sdkax32.dll O2 - BHO: Class - {E2440651-7FE0-4276-6917-766C9FA742A6} - C:\WINDOWS\system32\sdkon32.dll O2 - BHO: Class - {E2E6C0E2-FA3A-8992-181C-3BA9E7ED6D56} - C:\WINDOWS\mfcqi32.dll O2 - BHO: Class - {E2F0712F-9E43-CF54-86D0-C0E27572FBE1} - C:\WINDOWS\system32\crvu32.dll O2 - BHO: Class - {E44D3492-E63F-A52F-8235-06D2B331C92A} - C:\WINDOWS\system32\appnb32.dll O2 - BHO: Class - {E558C92A-26ED-983A-0F8B-64C91ED05AE9} - C:\WINDOWS\javadc.dll O2 - BHO: Class - {E57CF4E2-608E-1F55-6A8B-10D3B7AD07E2} - C:\WINDOWS\system32\sysre32.dll O2 - BHO: Class - {E58BBC7E-7207-D1BE-CE98-6CC37B27883D} - C:\WINDOWS\system32\d3cj32.dll O2 - BHO: Class - {E5AC69B4-006E-2FF7-BB25-3C43062AD4EF} - C:\WINDOWS\mfczj32.dll O2 - BHO: Class - {E5F0C91D-B125-C770-69FE-FB3428702538} - C:\WINDOWS\system32\sysnv.dll O2 - BHO: Class - {E60D7284-3090-534F-5C3A-08BCBA772F9C} - C:\WINDOWS\system32\netld.dll O2 - BHO: Class - {E616513A-40E1-2657-5238-EAF908483D9A} - C:\WINDOWS\system32\sysim32.dll O2 - BHO: Class - {E686FA0B-6D47-10E4-FC7D-A620410395A5} - C:\WINDOWS\system32\mfcjs.dll O2 - BHO: Class - {E85DB2A8-73A7-0E64-0B9F-3B3DF072FE21} - C:\WINDOWS\system32\sysum32.dll O2 - BHO: Class - {E8B2A684-D6D8-C5EA-F174-952A69CDEAD1} - C:\WINDOWS\system32\apidg.dll O2 - BHO: Class - {EA197903-5454-DCA0-1431-906504E5199D} - C:\WINDOWS\system32\msjw32.dll O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - C:\WINDOWS\ntrz32.dll O2 - BHO: Class - {EB3F1F3A-312D-1F0B-BE12-33935E41A208} - C:\WINDOWS\system32\atlnq32.dll O2 - BHO: Class - {EB53464A-65A2-9AA0-C376-11ADD5428232} - C:\WINDOWS\appeb.dll O2 - BHO: Class - {EB619721-7FA1-13F4-FCC7-F7910CF00AC8} - C:\WINDOWS\system32\addaj32.dll O2 - BHO: Class - {EB6F84A8-01F1-4D7E-CBCE-4B02B1BB0094} - C:\WINDOWS\system32\nthz32.dll O2 - BHO: Class - {EB875E59-D1A2-BEDD-B6E0-01204A789601} - C:\WINDOWS\system32\crko32.dll O2 - BHO: Class - {EBA74261-7CAA-F270-26F4-4E2A669761D1} - C:\WINDOWS\ntne.dll O2 - BHO: Class - {EBB58D88-B4D1-648E-CB8F-D10EF01B83E5} - C:\WINDOWS\system32\addhm.dll O2 - BHO: Class - {EC0BF822-7720-175B-2901-9FA68F761D30} - C:\WINDOWS\d3op.dll O2 - BHO: Class - {EDD6C5EA-5F3E-7B1D-A3D0-9E3A169E6444} - C:\WINDOWS\systb.dll (file missing) O2 - BHO: Class - {EF4B1BBF-9691-E915-81F6-F75B7DD313AA} - C:\WINDOWS\ieva32.dll O2 - BHO: Class - {EF56697C-5109-5395-6FE2-E92AAFF48176} - C:\WINDOWS\mfcwk32.dll O2 - BHO: Class - {EFD32CB9-039B-2B11-A357-D6D56A398537} - C:\WINDOWS\appqz32.dll O2 - BHO: Class - {EFD4E5E6-F6FA-35B8-21D0-795BD90D0719} - C:\WINDOWS\javakd32.dll O2 - BHO: Class - {EFEBB260-C21E-967D-CA15-0C1770C3C5C5} - C:\WINDOWS\mfcsd.dll O2 - BHO: Class - {F1895589-F7BC-679C-6B28-F8543FF20375} - C:\WINDOWS\d3lq32.dll O2 - BHO: Class - {F1EB7ABF-6A20-18CA-0717-32A5D07D7B75} - C:\WINDOWS\appap32.dll O2 - BHO: Class - {F20341B7-4D4B-5B61-38C8-74F9630B49F0} - C:\WINDOWS\system32\winkc32.dll O2 - BHO: Class - {F20ED84C-D847-D6C7-F794-2ED9DCB4B4D1} - C:\WINDOWS\javapa.dll O2 - BHO: Class - {F3A0E4F7-5A26-16D7-F285-82AF755C81E0} - C:\WINDOWS\system32\netjj32.dll O2 - BHO: Class - {F3E960E4-F8DE-2718-D510-335C5E2FEB9F} - C:\WINDOWS\d3zu32.dll O2 - BHO: Class - {F45672AA-5BCB-168F-8F4C-4B17FD2623E8} - C:\WINDOWS\msmf.dll O2 - BHO: Class - {F46FA47B-6291-D27B-D125-BCEEBB49E346} - C:\WINDOWS\ierw.dll O2 - BHO: Class - {F4A41C9A-A713-9C96-601E-1966003429F8} - C:\WINDOWS\addiu.dll O2 - BHO: Class - {F52A683D-86BC-5DC9-8231-5370AB157678} - C:\WINDOWS\system32\ipti.dll O2 - BHO: Class - {F5593432-5366-0A96-4CF5-94D4D166B10C} - C:\WINDOWS\system32\d3wz.dll O2 - BHO: Class - {F62510CB-ED83-E3EF-9E28-73519F1B7A0C} - C:\WINDOWS\d3ft32.dll O2 - BHO: Class - {F69AC43F-54FB-0910-EFEE-6455168C3713} - C:\WINDOWS\ipxm.dll O2 - BHO: Class - {F6CB920B-A4A6-46E0-C07F-F02819E65389} - C:\WINDOWS\winka32.dll O2 - BHO: Class - {F6F49380-F6BB-3D04-920B-C960D86C67BC} - C:\WINDOWS\addve32.dll O2 - BHO: Class - {F72B1F16-5DA1-0CE7-8A46-761D0FBCADC7} - C:\WINDOWS\system32\netpz32.dll O2 - BHO: Class - {F74D5213-8A18-F9CF-E487-AA203A37CEB8} - C:\WINDOWS\system32\addwf.dll O2 - BHO: Class - {F822BF6C-BD82-883D-1146-288575F3091D} - C:\WINDOWS\system32\winiw.dll O2 - BHO: Class - {F82406AA-AA26-0FEF-2943-600622AB7AB5} - C:\WINDOWS\iesd.dll O2 - BHO: Class - {F8F78A55-0101-C0E3-D286-3EADE0CB6313} - C:\WINDOWS\addgz32.dll O2 - BHO: Class - {F9D982F9-B035-9FE7-9252-71E960E1F3E5} - C:\WINDOWS\system32\neteq.dll O2 - BHO: Class - {FAA44DA8-BC87-EAF8-DE08-0B6C7CABB256} - C:\WINDOWS\sdkuv.dll O2 - BHO: Class - {FB9C0E2C-9054-C0EA-4D57-F9CCE6487636} - C:\WINDOWS\system32\ipau.dll O2 - BHO: Class - {FBC1B2FF-838B-6257-27F0-2FD318F49B54} - C:\WINDOWS\system32\appwg.dll O2 - BHO: Class - {FBF77D9B-CA17-A517-257C-C38A16C5AD4F} - C:\WINDOWS\mfcae32.dll O2 - BHO: Class - {FC5F4FD2-9814-9658-709F-821EB79F97AB} - C:\WINDOWS\javatk.dll O2 - BHO: Class - {FC69783B-05C2-F77D-6E0B-9055DEF49D6C} - C:\WINDOWS\system32\sysef32.dll O2 - BHO: Class - {FC72CC24-F754-BD19-FD0E-852C1775E57D} - C:\WINDOWS\system32\netox32.dll O2 - BHO: Class - {FC933F3B-F61C-174E-C6CD-8A9A8ECDD4A8} - C:\WINDOWS\winrc.dll O2 - BHO: Class - {FD33DF99-7965-02B4-4056-996478BCDA14} - C:\WINDOWS\ntfp.dll O2 - BHO: (no name) - {FD4A74BF-5712-24E2-4DA7-6711D4FD291B} - (no file) O2 - BHO: Class - {FE3D33D0-958B-2C94-A4A8-DB4A4566ED06} - C:\WINDOWS\system32\ieto32.dll O2 - BHO: Class - {FF3F0D99-BB3D-8567-11A3-BD77E0658DEA} - C:\WINDOWS\atlze32.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [winwx.exe] C:\WINDOWS\system32\winwx.exe O4 - HKLM\..\Run: [ntge.exe] C:\WINDOWS\ntge.exe O4 - HKLM\..\Run: [d3az.exe] C:\WINDOWS\system32\d3az.exe O4 - HKLM\..\RunOnce: [ieab32.exe] C:\WINDOWS\system32\ieab32.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing) O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab'>http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.