Jump to content

Spylock Removal


Recommended Posts

I need help im running Windows XP adn Spylock is slowing my Internet and computer as we speak ive tried everythign and im seeking help from a pro now this system risk thing ballon keeps coming up i wanna get rid of that and the virus itself help please!!!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 12:05:23 PM, on 6/24/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\Program Files\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Spyware Doctor\SDTrayApp.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\DOCUME~1\ADMINI~1\APPLIC~1\CROSOF~1.NET\ANREGW~1.EXE

C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Spyware Doctor\svcntaux.exe

C:\WINDOWS\system32\taskmgr.exe

C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\Documents and Settings\Administrator\Desktop\HiJackThis_v2.exe

C:\Program Files\Spyware Doctor\swdsvc.exe

C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com' rel="external nofollow">http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com' rel="external nofollow">http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com' rel="external nofollow">http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com' rel="external nofollow">http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R3 - URLSearchHook: (no name) - - (no file)

R3 - URLSearchHook: (no name) - {36E015CD-DF74-89D3-0897-F14A30DFA0EB} - (no file)

R3 - URLSearchHook: (no name) - {200FE66B-7DD5-797B-A7E9-06D58977B8EA} - (no file)

R3 - URLSearchHook: (no name) - {2C87C08C-516F-54CC-46FE-272756FAEAB8} - (no file)

R3 - URLSearchHook: (no name) - {7E869789-516B-5491-44FE-272756FAEAEC} - (no file)

R3 - URLSearchHook: (no name) - {850AA276-6B98-343F-E8AC-12848CE718E6} - (no file)

R3 - URLSearchHook: (no name) - {BB60EF8B-763A-29C0-4C23-5F10E52175BA} - (no file)

R3 - URLSearchHook: (no name) - {C2469343-0BA9-5655-DBFB-2217C58359B2} - (no file)

R3 - URLSearchHook: (no name) - {C042C346-59AE-040E-DBFB-2217C5830EE3} - (no file)

R3 - URLSearchHook: (no name) - {F2668D70-1999-466C-B58B-6053E1F039E2} - (no file)

R3 - URLSearchHook: (no name) - {C87ABDDA-7539-2793-42E2-53C0A85409E2} - (no file)

R3 - URLSearchHook: (no name) - {F661D97E-18CE-1738-E18B-6053E1F032E8} - (no file)

R3 - URLSearchHook: (no name) - {8C4CCB88-5F34-51C9-1CD3-75F2CB0246B5} - (no file)

R3 - URLSearchHook: (no name) - {CD28E78E-7C3F-2D96-43E2-53C0A85452B0} - (no file)

R3 - URLSearchHook: (no name) - {ED1B91D0-003B-539A-11F0-77E29A7726EF} - (no file)

R3 - URLSearchHook: (no name) - {A4ADEED7-2039-7FCB-1105-5DF07BC93CE3} - (no file)

R3 - URLSearchHook: (no name) - {F4FCBAD1-203B-2ACD-4505-5DF07BC93FE4} - (no file)

R3 - URLSearchHook: (no name) - {6565D03F-4A85-4524-F3AF-6243B062A3EA} - (no file)

R3 - URLSearchHook: (no name) - {6333833D-4C85-1073-A2AF-6243B062A3BE} - (no file)

R3 - URLSearchHook: (no name) - {F3FBBD86-706B-29CA-1605-5DF07BCE6BE5} - (no file)

R3 - URLSearchHook: (no name) - {E91CC583-036E-09CF-1CF0-77E29A7071E7} - (no file)

R3 - URLSearchHook: (no name) - {3637D03F-4B85-1474-A6AF-6243B062A0BE} - (no file)

R3 - URLSearchHook: (no name) - {F3AEBE81-233C-7899-4505-5DF07BCE6DB7} - (no file)

R3 - URLSearchHook: (no name) - {E84AC4D7-046F-08C8-16F0-77E29A7077E1} - (no file)

R3 - URLSearchHook: (no name) - {B917C4D2-576E-00CA-45F0-77E29A7074B1} - (no file)

R3 - URLSearchHook: (no name) - {9BD5B0A7-2B13-75E5-3BE9-56800C3901B3} - (no file)

R3 - URLSearchHook: (no name) - {EF4D92D7-5638-07CD-1CF0-77E29A707AB4} - (no file)

R3 - URLSearchHook: (no name) - {99D5B4A3-2E19-7EE3-6CE9-56800C3954E3} - (no file)

R3 - URLSearchHook: (no name) - {A4ABE984-243B-7DCE-1605-5DF07BCE3BEF} - (no file)

R3 - URLSearchHook: (no name) - {F6C1843F-1C80-4621-F7A9-671345DD6BE5} - (no file)

R3 - URLSearchHook: (no name) - {F3FBEFD7-276C-2A9B-1C05-5DF07BCE3DE5} - (no file)

R3 - URLSearchHook: (no name) - {EC4A9286-0568-07C0-45F0-77E29A7027E7} - (no file)

R3 - URLSearchHook: (no name) - {E416C086-563D-54CE-47F0-77E29A7027B3} - (no file)

R3 - URLSearchHook: (no name) - {6535D53E-4DD4-1225-A0AF-6243B062F5BB} - (no file)

R3 - URLSearchHook: (no name) - {A5C1D76A-18D7-4777-A6A9-671345DC38E4} - (no file)

R3 - URLSearchHook: (no name) - {9FD5E2F1-781C-75B6-68E9-56800C3807E4} - (no file)

R3 - URLSearchHook: (no name) - {A390856F-4A81-137A-A4A9-671345DC3AE2} - (no file)

R3 - URLSearchHook: (no name) - {A5C58362-40D0-1575-A6A9-671345DC3AB6} - (no file)

R3 - URLSearchHook: (no name) - {EA1B9385-526B-53C9-16F0-77E29A7171B5} - (no file)

R3 - URLSearchHook: (no name) - {E8189386-033E-53C0-10F0-77E29A7176EF} - (no file)

R3 - URLSearchHook: (no name) - {F791886D-4DD5-4677-F1A9-671345DC3DE5} - (no file)

R3 - URLSearchHook: (no name) - {9489E3F0-7C1B-7EE7-3FE9-56800C3800E6} - (no file)

R3 - URLSearchHook: (no name) - {F3FDBA8C-706B-2DCD-4105-5DF07BCF60E1} - (no file)

R3 - URLSearchHook: (no name) - {F6928369-4FD4-4876-F0A9-671345DC6BE4} - (no file)

R3 - URLSearchHook: (no name) - {D1DCA62D-3E93-3237-BA8C-106402884EE1} - (no file)

R3 - URLSearchHook: (no name) - {D289AE7A-3DC1-3761-B68C-106402884EB4} - (no file)

R3 - URLSearchHook: (no name) - {7E41F14A-6CA9-3057-D2DF-15349702B3ED} - (no file)

R3 - URLSearchHook: (no name) - {A7C2454E-89FE-D00B-D9CA-F4DA19CA3DE6} - (no file)

R3 - URLSearchHook: (no name) - {B515A8BB-650F-3FAC-2415-197493D27EE5} - (no file)

R3 - URLSearchHook: (no name) - {7F3BCB85-0564-0C99-4B13-29C7E875B3EE} - (no file)

R3 - URLSearchHook: (no name) - {634FA383-3E30-36C8-4AF3-17D4C9C7ABB9} - (no file)

R3 - URLSearchHook: (no name) - {1DEC7D11-BAF9-B75B-D7FF-C76932F886B7} - (no file)

R3 - URLSearchHook: (no name) - {15B42E49-ECF9-E552-D3FF-C76932F8DEE0} - (no file)

R3 - URLSearchHook: (no name) - {CD2F05B3-9C59-C8AF-7DE0-B69EFD6402BD} - (no file)

R3 - URLSearchHook: (no name) - {A4376D47-FAAF-F401-DCAA-D228E62567BD} - (no file)

R3 - URLSearchHook: (no name) - {16B67D18-EBF5-E506-86FF-C76932F8DAE2} - (no file)

R3 - URLSearchHook: (no name) - {AACA20E1-BF5D-E9FE-7A00-C8891D5C60B3} - (no file)

R3 - URLSearchHook: (no name) - {A8CF7DE1-ED09-E8AD-7C00-C8891D5C61BC} - (no file)

R3 - URLSearchHook: (no name) - {A99B71B6-ED0B-EAAF-7000-C8891D5C62B9} - (no file)

R3 - URLSearchHook: (no name) - {41ED724D-BAF1-E050-D7FF-C76933AE8DE0} - (no file)

R3 - URLSearchHook: (no name) - {1CB6781C-B9A5-E756-80FF-C76933AE8CE6} - (no file)

R3 - URLSearchHook: (no name) - {FD9B71B1-BF5F-EBA8-7A00-C8891D5C65BE} - (no file)

R3 - URLSearchHook: (no name) - {7DB308BF-9801-C9FA-7D55-BDCE69BBB9E6} - (no file)

R3 - URLSearchHook: (no name) - {F6346712-F8FF-F45B-DAAA-D228E7733AB9} - (no file)

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)

R3 - URLSearchHook: (no name) - {F167674D-F8FE-FD5C-8BAA-D228E77363B6} - (no file)

R3 - URLSearchHook: (no name) - {992B51E9-9759-C9AE-7DE0-B69EFC3205BA} - (no file)

R3 - URLSearchHook: (no name) - {45E47310-EBF6-E006-80FF-C76933AEDAB7} - (no file)

R3 - URLSearchHook: (no name) - {CB7904B2-9D5F-C3AD-7DE0-B69EFC3200EA} - (no file)

R3 - URLSearchHook: (no name) - {CA2801B4-C80C-C7AC-7FE0-B69EFC3356B0} - (no file)

R3 - URLSearchHook: (no name) - {F3603F45-ADF6-A65D-D8AA-D228E77233B7} - (no file)

R3 - URLSearchHook: (no name) - {AA9874E4-BA59-BFF8-2B00-C8891D5D62BF} - (no file)

R3 - URLSearchHook: (no name) - {ACC9CEB8-0E53-5FA0-2330-2BD7480961E1} - (no file)

R3 - URLSearchHook: (no name) - {C9C78A70-439B-483E-E959-3D76123C55B3} - (no file)

R3 - URLSearchHook: (no name) - {B570EF05-78BE-2441-9AAE-5250A0F728B1} - (no file)

R3 - URLSearchHook: (no name) - {C8C58920-14CF-433E-BF59-3D76123C54E3} - (no file)

R3 - URLSearchHook: (no name) - {FA9ECBBE-0204-51F5-2030-2BD7480964E1} - (no file)

R3 - URLSearchHook: (no name) - {C991DC20-4399-436D-BD59-3D76123C56E6} - (no file)

R3 - URLSearchHook: (no name) - {B521B700-78BD-2D46-9CAE-5250A0F725B7} - (no file)

R3 - URLSearchHook: (no name) - {1EC09FDB-076E-58C6-1D73-7F924C2989B7} - (no file)

R3 - URLSearchHook: (no name) - {4FCE9AD3-0C6E-0D91-1973-7F924C29D3E6} - (no file)

R3 - URLSearchHook: (no name) - {B0A7E6BC-7D07-7CA3-74F5-0745717A71B4} - (no file)

R3 - URLSearchHook: (no name) - {DFDDE502-26EF-291B-931E-09E55B6841B6} - (no file)

R3 - URLSearchHook: (no name) - {A2BB4806-DDED-8B49-CBFE-F7FA3ADD6FB0} - (no file)

R3 - URLSearchHook: (no name) - {D0D8EE51-2CEF-7B1D-9F1E-09E55B6B17E2} - (no file)

R3 - URLSearchHook: (no name) - {F3EE4808-DEBE-D313-9AFE-F7FA3ADD6BE0} - (no file)

R3 - URLSearchHook: (no name) - {A88050BF-C65E-CDAC-2255-ED5B502B35E5} - (no file)

R3 - URLSearchHook: (no name) - {79AE33A6-FB1D-F4BD-6781-80AD7F79EFBF} - (no file)

R3 - URLSearchHook: (no name) - {DB15948F-0F65-019D-13D6-75F2CA5215BF} - (no file)

R3 - URLSearchHook: (no name) - {C8A12B23-E5C9-BF3B-EE4C-9C6C231C52BF} - (no file)

R3 - URLSearchHook: (no name) - {72139F15-53F8-0257-D87F-7F129447E6B0} - (no file)

R3 - URLSearchHook: (no name) - {20419C11-06AE-0C0A-D87F-7F129446B4E7} - (no file)

R3 - URLSearchHook: (no name) - {26149D45-53F7-5F59-8B7F-7F129446B6B5} - (no file)

R3 - URLSearchHook: (no name) - {254BC854-01B8-5840-924B-2C0795A6BEBB} - (no file)

R3 - URLSearchHook: (no name) - {E8705C63-C8DD-9825-FD98-E1FBFA1721B4} - (no file)

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

R3 - URLSearchHook: (no name) - {86475B9F-C273-9E82-0622-EA1BC40411E1} - (no file)

R3 - URLSearchHook: (no name) - {7B5CB669-2B86-7C26-A9ED-06D58820B0E8} - (no file)

F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\kijre.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,udqvonh.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {36ADA89D-2440-4DC4-820A-3A05E8630935} - C:\Program Files\Image ActiveX Access\iesplg.dll (file missing)

O2 - BHO: (no name) - {433D3D87-A163-F59C-1A16-898DBD2582EE} - C:\WINDOWS\system32\vnmjccs.dll

O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {C06D0866-998D-9272-A0D8-B5DEB8B20AB2} - C:\WINDOWS\system32\nefu.dll (file missing)

O2 - BHO: (no name) - {E2084B60-A3F1-885F-DB7F-F8ADDBE672B2} - C:\WINDOWS\system32\lrn.dll (file missing)

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: Protection Bar - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - C:\Program Files\Image ActiveX Access\iesbpl.dll (file missing)

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s

O4 - HKCU\..\Run: [Kyyatd] C:\DOCUME~1\ADMINI~1\APPLIC~1\CROSOF~1.NET\ANREGW~1.EXE

O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Administrator\Desktop\InterCasino $$$.lnk (file missing)

O9 - Extra 'Tools' menuitem: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Administrator\Desktop\InterCasino $$$.lnk (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Administrator\Desktop\InterCasino $$$.lnk (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - C:\Documents and Settings\Administrator\Desktop\InterCasino $$$.lnk (file missing) (HKCU)

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} (NMJPStarter15 Class) - http://www.netmarble.jp/_common/cab/NMStarterJP6.cab

O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/inst...leanerstart.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {3C403675-B43C-410B-BF56-D4D1FB68356C} (ActiveXPortal Control) - http://72.29.84.224/OCX/gwnet.cab

O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/games/ricochet-los...bGameLoader.cab

O16 - DPF: {6FC19219-C47E-4880-9A79-D218A1C374F9} (NMJTransX Control) - http://file.netmarble.jp/Control/NMJTransX.cab

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab

O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/download/MusaLauncherNew.cab

O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab

O20 - AppInit_DLLs: wuaclt.dll

O20 - Winlogon Notify: sysfrcx - sysfrcx.dll (file missing)

O20 - Winlogon Notify: win_spool2 - win_spool2.dll (file missing)

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

O23 - Service: (Network Monitor) - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)

O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe

O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--

End of file - 22194 bytes

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.