thatiscrayz
05-21-2005, 10:51 PM
i have a load of spyware/adware on my cpu. and there's this annoying thing on desktop background that won't go away. Someone please help. heres my hijack log
Logfile of HijackThis v1.99.1
Scan saved at 1:48:23 AM, on 5/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\sys4831.exe
C:\WINDOWS\System32\lsas.exe
C:\WINDOWS\system32\init32m.exe
C:\WINDOWS\System32\sessmgr.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\AIM\aim.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\init32m.exe
C:\WINDOWS\System32\win32.exe
C:\WINDOWS\System32\Services\{267B9320-3706-4A0D-A09B-237DEB1F8BBD}\SVCHOST.EXE
C:\Program Files\America Online 9.0\waol.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\WINDOWS\System32\objsel.exe
C:\WINDOWS\System32\winpack.exe
C:\Documents and Settings\kYd\Desktop\New Folder\New Folder\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clicksearchclick.com/index.php?aff=19
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - _{1E432263-6841-4653-8F02-366A2F77E339} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll (file missing)
F2 - REG:system.ini: Shell=Explorer.exe init32m.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: EventHandler Class - {9FB534E3-67CB-4307-AE0A-9E8B5581BE2C} - C:\PROGRA~1\WINDOW~4\WinSB1.DLL
O4 - HKLM\..\Run: [WebSavingsfromEbates] C:\Program Files\WebSavingsfromEbates\WebSavingsfromEbatesrun .exe /cp:p "C:\Program Files\WebSavingsfromEbates\System\Code" Main lp: "C:\Program Files\WebSavingsfromEbates"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sys4831] C:\WINDOWS\sys4831.exe
O4 - HKLM\..\Run: [Shellspl] lsas.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\kYd\LOCALS~1\Temp\200552212858_mcinfo. exe /insfin
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\kYd\LOCALS~1\Temp\200552212858_mcappin s.exe /v=3 /cleanup
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{267B9320-3706-4A0D-A09B-237DEB1F8BBD}\SVCHOST.EXE
O4 - HKLM\..\Run: [saie] c:\windows\system32\saie.exe
O4 - HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{267B9320-3706-4A0D-A09B-237DEB1F8BBD}\SECURITY.EXE
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [winpack] C:\WINDOWS\System32\winpack.exe
O4 - HKCU\..\Run: [objsel] C:\WINDOWS\System32\objsel.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [fubqklo] c:\windows\xjnsxam.exe
O4 - HKCU\..\Run: [sys4831] C:\WINDOWS\sys4831.exe
O4 - HKCU\..\Run: [ifhkqmm] c:\windows\xjnsxam.exe
O4 - HKCU\..\Run: [luvwdgd] c:\windows\xjnsxam.exe
O4 - HKCU\..\Run: [wbvhyci] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [glgcrvf] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [eauxode] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [uhfrhxm] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [hcoeugu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [xxdevit] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [fjqhjtj] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [oeryhfn] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [jssyura] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [jixvalt] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [cphjanx] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [dkpdipp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [cjwiltu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [srsueqc] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [uknplvj] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ialbcgc] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [imvlbpk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [opiktru] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [iwpownd] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [rhxkmyk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [saxcrkp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [iqntkec] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [drgsphv] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [cfjiooj] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [fuempux] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [eudkraq] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [vtcljan] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [kwspyjg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [wenhepu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [pyjlovr] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [coqckip] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [gbxkuqc] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [oeyjiyu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [hhumilf] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [eqprxyh] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [pkwlecr] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [odryluu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [npvlffh] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mybdwir] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [qdvpada] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [hakoale] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ccqpynb] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [qlpxpsx] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ehogrmg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ybksdax] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [xillshy] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [rhngmbm] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [oiiuqoa] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ivvdkoy] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [rctsnhd] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [gocsuxg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ihiahxp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [keumpbg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [qolgcqi] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [vnpoelt] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [trsojpc] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [yerlhgx] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [dwdaohf] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [tarkljk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ukyjysm] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mucolop] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [loavcio] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [sblggsp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [lpvdave] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [qmjfigp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [kxmsnol] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [nepivfw] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [tvroyjt] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [agmpyxv] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ckbjdwk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [vwtfpli] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [htsgqal] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [xjmqcbk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mgnjjsr] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [scoqvum] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [wfbnrfg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [xsktohm] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [guibklh] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [lmvkljs] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [jbvlmqb] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [riqffyq] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [gvqlwwh] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [efxkqui] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [fgutspx] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [lpenmny] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mhmhrqb] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mwpoomt] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [cliyokc] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [mfoquss] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [aidlnsp] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [htkfhas] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ndqomjl] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [gbekvfq] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [lphvods] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [cehhopx] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [nlitpyf] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [qwsyehw] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ynjfvwg] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [oqehcgs] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [wjrhycd] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [svlkexk] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [dahodym] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [nijnkjp] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ngahslc] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [vttlpuu] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ipxtibe] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [hbbtkgy] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [bdmjshv] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [kxsfquj] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [pyhlmyv] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ronfbqx] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [pmtgbqr] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ogwfgjl] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [hctakcx] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [rcjjbcs] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [jityawe] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [wwufayn] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [qygnfww] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [rqqfwfg] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [frgwyll] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [jcasbkf] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [wwpxnca] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [ohqrrar] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [rxgtvxk] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [eyakskd] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [cknbikn] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [cgwkplk] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [gawujhc] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [cncqpht] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [qsfreht] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [mfbqefk] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [jajatvj] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [augtrqf] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [qvoejqq] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [xsbmnet] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [ndfxfqi] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [ikftmnr] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [byyvkud] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [embphvo] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [ubksmxr] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [fvqhsup] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [kckcuvg] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [lyshxui] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [tjqxtjx] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [rejoxou] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [kipesgj] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [pbhmcwn] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [xbhctge] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [recdtpw] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [swftsdy] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [omytmxc] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [uqkibmg] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [hthkovc] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [xdrnsdl] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [llbjcct] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [asnvwfu] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [tciekeo] c:\windows\tfjrwxr.exe
O4 - HKCU\..\Run: [swcmtol] c:\windows\tfjrwxr.exe
O4 - HKCU\..\Run: [dxarvus] c:\windows\tfjrwxr.exe
O4 - HKCU\..\Run: [qrwwjyf] c:\windows\tfjrwxr.exe
O4 - HKCU\..\Run: [tsbaupq] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [oouobuh] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [nokjiik] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [otlgwje] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [wcusndw] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [uktthyq] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [flfqtxr] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [ymnryuk] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [equcgal] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [strkcgd] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [umhhggl] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [ceqcllm] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [bpxsjrs] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [ygyqccj] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [tpbapvd] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [deppsdq] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [wljfcto] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [cyhwclh] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [yuwgwqk] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [qrpgjnk] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [rwblmrf] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [gavfdix] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [axbdpfq] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [hoxfvmq] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [cdilsji] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [tfrhoag] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [bgqyslh] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [bglfbuu] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [nnbmuwi] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [ftupfkp] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [dppytng] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [phyaqnd] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [mkdjrru] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [oxydsbl] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [khiruvo] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [thuayre] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [pbhyrlj] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [lxfnpbb] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [jdiluya] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [makomkt] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [wrurlwh] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [sntvwqm] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [kpxfrts] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [kiotjnm] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [ocfdbsc] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [bjdekfe] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [acybqhg] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [tfrecgw] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [wgfubvd] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [fniejxm] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [byrhbnt] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [djxbhoj] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [dcnkdyr] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [yfoaxeh] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [yqbrvdl] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [lbmssdl] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [exhwgmx] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [iynqnlm] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [qklviko] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vodglfj] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [yhsaeto] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [khoojxw] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vetwiqa] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [ealqovk] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vtshknw] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [pkynemd] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vwfqbvh] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [enlbciq] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [khllsot] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vouaxhd] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [tjkdxkh] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [wkyfbia] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [gecgyxo] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vvkepjg] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [nlvylgm] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [frqavqg] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [dgqtywm] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [lvypbgf] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [uvnqaet] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [xucyfyg] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [eqdkppf] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [dmyjyps] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [bwdndvp] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [qioeilp] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [ohacnuk] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [jqslubv] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [iepgbgm] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [spfolmy] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [rsvqlmw] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [fwpourl] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [gcotxoo] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [hloedjm] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [awkurpj] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [rpgmivk] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [knupdvw] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [wouefxt] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [cghkgek] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [jneqmuv] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [vxdfljc] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [ninjjyt] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [xdouyng] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [dmtdycs] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [juinvjc] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [sccnowi] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [tjcpyme] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [ihvtwit] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [pcgtauy] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [eafeqee] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [kcohlvj] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [uclynyj] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [gvbrlmg] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [asasyko] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [cddinjv] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [jonkoiq] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [srbrbxs] c:\windows\xtebgxf.exe
O4 - HKCU\..\Run: [ekdtcfc] c:\windows\xtebgxf.exe
O4 - HKCU\..\Run: [kunqkcr] c:\windows\xtebgxf.exe
O4 - HKCU\..\Run: [ydbpfpa] c:\windows\xtebgxf.exe
O4 - HKCU\..\Run: [glmtagq] c:\windows\pywkqyt.exe
O4 - HKCU\..\Run: [wupd] C:\WINDOWS\System32\win32.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Define - C:\WINDOWS\Web\ERS_DEF.HTM
O8 - Extra context menu item: &Search the Web - C:\WINDOWS\Web\ERS_SRC.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\WINDOWS\Web\ERS_ENC.HTM
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {E7038505-15CC-4791-A9EC-791EF81259D9} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {E7038505-15CC-4791-A9EC-791EF81259D9} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {C62DFDC7-2EEC-4C2C-827A-BC0BFB4260B3} (IMViewerControl Class) - http://companion.logitech.com/companion/logitech/ver1.4.0.1071/bin/imvid.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB969D0D-3337-4633-9F4B-D616FD5104F3}: NameServer = 205.188.146.145
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O21 - SSODL: System - {BA3B3B85-70B3-4C9D-B6BF-A5354C87F53A} - vr_sys.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Logfile of HijackThis v1.99.1
Scan saved at 1:48:23 AM, on 5/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\sys4831.exe
C:\WINDOWS\System32\lsas.exe
C:\WINDOWS\system32\init32m.exe
C:\WINDOWS\System32\sessmgr.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\AIM\aim.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\init32m.exe
C:\WINDOWS\System32\win32.exe
C:\WINDOWS\System32\Services\{267B9320-3706-4A0D-A09B-237DEB1F8BBD}\SVCHOST.EXE
C:\Program Files\America Online 9.0\waol.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\WINDOWS\System32\objsel.exe
C:\WINDOWS\System32\winpack.exe
C:\Documents and Settings\kYd\Desktop\New Folder\New Folder\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clicksearchclick.com/index.php?aff=19
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - _{1E432263-6841-4653-8F02-366A2F77E339} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll (file missing)
F2 - REG:system.ini: Shell=Explorer.exe init32m.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: EventHandler Class - {9FB534E3-67CB-4307-AE0A-9E8B5581BE2C} - C:\PROGRA~1\WINDOW~4\WinSB1.DLL
O4 - HKLM\..\Run: [WebSavingsfromEbates] C:\Program Files\WebSavingsfromEbates\WebSavingsfromEbatesrun .exe /cp:p "C:\Program Files\WebSavingsfromEbates\System\Code" Main lp: "C:\Program Files\WebSavingsfromEbates"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sys4831] C:\WINDOWS\sys4831.exe
O4 - HKLM\..\Run: [Shellspl] lsas.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\kYd\LOCALS~1\Temp\200552212858_mcinfo. exe /insfin
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\kYd\LOCALS~1\Temp\200552212858_mcappin s.exe /v=3 /cleanup
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{267B9320-3706-4A0D-A09B-237DEB1F8BBD}\SVCHOST.EXE
O4 - HKLM\..\Run: [saie] c:\windows\system32\saie.exe
O4 - HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{267B9320-3706-4A0D-A09B-237DEB1F8BBD}\SECURITY.EXE
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [winpack] C:\WINDOWS\System32\winpack.exe
O4 - HKCU\..\Run: [objsel] C:\WINDOWS\System32\objsel.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [fubqklo] c:\windows\xjnsxam.exe
O4 - HKCU\..\Run: [sys4831] C:\WINDOWS\sys4831.exe
O4 - HKCU\..\Run: [ifhkqmm] c:\windows\xjnsxam.exe
O4 - HKCU\..\Run: [luvwdgd] c:\windows\xjnsxam.exe
O4 - HKCU\..\Run: [wbvhyci] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [glgcrvf] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [eauxode] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [uhfrhxm] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [hcoeugu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [xxdevit] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [fjqhjtj] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [oeryhfn] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [jssyura] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [jixvalt] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [cphjanx] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [dkpdipp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [cjwiltu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [srsueqc] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [uknplvj] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ialbcgc] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [imvlbpk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [opiktru] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [iwpownd] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [rhxkmyk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [saxcrkp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [iqntkec] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [drgsphv] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [cfjiooj] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [fuempux] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [eudkraq] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [vtcljan] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [kwspyjg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [wenhepu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [pyjlovr] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [coqckip] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [gbxkuqc] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [oeyjiyu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [hhumilf] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [eqprxyh] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [pkwlecr] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [odryluu] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [npvlffh] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mybdwir] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [qdvpada] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [hakoale] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ccqpynb] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [qlpxpsx] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ehogrmg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ybksdax] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [xillshy] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [rhngmbm] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [oiiuqoa] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ivvdkoy] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [rctsnhd] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [gocsuxg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ihiahxp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [keumpbg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [qolgcqi] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [vnpoelt] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [trsojpc] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [yerlhgx] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [dwdaohf] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [tarkljk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ukyjysm] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mucolop] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [loavcio] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [sblggsp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [lpvdave] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [qmjfigp] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [kxmsnol] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [nepivfw] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [tvroyjt] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [agmpyxv] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [ckbjdwk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [vwtfpli] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [htsgqal] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [xjmqcbk] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mgnjjsr] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [scoqvum] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [wfbnrfg] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [xsktohm] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [guibklh] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [lmvkljs] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [jbvlmqb] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [riqffyq] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [gvqlwwh] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [efxkqui] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [fgutspx] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [lpenmny] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mhmhrqb] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [mwpoomt] c:\windows\ifwyiki.exe
O4 - HKCU\..\Run: [cliyokc] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [mfoquss] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [aidlnsp] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [htkfhas] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ndqomjl] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [gbekvfq] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [lphvods] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [cehhopx] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [nlitpyf] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [qwsyehw] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ynjfvwg] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [oqehcgs] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [wjrhycd] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [svlkexk] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [dahodym] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [nijnkjp] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ngahslc] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [vttlpuu] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ipxtibe] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [hbbtkgy] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [bdmjshv] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [kxsfquj] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [pyhlmyv] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ronfbqx] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [pmtgbqr] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [ogwfgjl] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [hctakcx] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [rcjjbcs] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [jityawe] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [wwufayn] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [qygnfww] c:\windows\isonfpp.exe
O4 - HKCU\..\Run: [rqqfwfg] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [frgwyll] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [jcasbkf] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [wwpxnca] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [ohqrrar] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [rxgtvxk] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [eyakskd] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [cknbikn] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [cgwkplk] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [gawujhc] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [cncqpht] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [qsfreht] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [mfbqefk] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [jajatvj] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [augtrqf] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [qvoejqq] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [xsbmnet] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [ndfxfqi] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [ikftmnr] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [byyvkud] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [embphvo] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [ubksmxr] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [fvqhsup] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [kckcuvg] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [lyshxui] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [tjqxtjx] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [rejoxou] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [kipesgj] c:\windows\tleysbg.exe
O4 - HKCU\..\Run: [pbhmcwn] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [xbhctge] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [recdtpw] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [swftsdy] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [omytmxc] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [uqkibmg] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [hthkovc] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [xdrnsdl] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [llbjcct] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [asnvwfu] c:\windows\svsavvb.exe
O4 - HKCU\..\Run: [tciekeo] c:\windows\tfjrwxr.exe
O4 - HKCU\..\Run: [swcmtol] c:\windows\tfjrwxr.exe
O4 - HKCU\..\Run: [dxarvus] c:\windows\tfjrwxr.exe
O4 - HKCU\..\Run: [qrwwjyf] c:\windows\tfjrwxr.exe
O4 - HKCU\..\Run: [tsbaupq] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [oouobuh] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [nokjiik] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [otlgwje] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [wcusndw] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [uktthyq] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [flfqtxr] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [ymnryuk] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [equcgal] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [strkcgd] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [umhhggl] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [ceqcllm] c:\windows\ntntlot.exe
O4 - HKCU\..\Run: [bpxsjrs] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [ygyqccj] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [tpbapvd] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [deppsdq] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [wljfcto] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [cyhwclh] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [yuwgwqk] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [qrpgjnk] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [rwblmrf] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [gavfdix] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [axbdpfq] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [hoxfvmq] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [cdilsji] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [tfrhoag] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [bgqyslh] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [bglfbuu] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [nnbmuwi] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [ftupfkp] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [dppytng] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [phyaqnd] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [mkdjrru] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [oxydsbl] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [khiruvo] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [thuayre] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [pbhyrlj] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [lxfnpbb] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [jdiluya] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [makomkt] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [wrurlwh] c:\windows\qxekabt.exe
O4 - HKCU\..\Run: [sntvwqm] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [kpxfrts] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [kiotjnm] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [ocfdbsc] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [bjdekfe] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [acybqhg] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [tfrecgw] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [wgfubvd] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [fniejxm] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [byrhbnt] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [djxbhoj] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [dcnkdyr] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [yfoaxeh] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [yqbrvdl] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [lbmssdl] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [exhwgmx] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [iynqnlm] c:\windows\rjxcnex.exe
O4 - HKCU\..\Run: [qklviko] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vodglfj] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [yhsaeto] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [khoojxw] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vetwiqa] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [ealqovk] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vtshknw] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [pkynemd] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vwfqbvh] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [enlbciq] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [khllsot] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vouaxhd] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [tjkdxkh] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [wkyfbia] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [gecgyxo] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [vvkepjg] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [nlvylgm] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [frqavqg] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [dgqtywm] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [lvypbgf] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [uvnqaet] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [xucyfyg] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [eqdkppf] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [dmyjyps] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [bwdndvp] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [qioeilp] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [ohacnuk] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [jqslubv] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [iepgbgm] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [spfolmy] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [rsvqlmw] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [fwpourl] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [gcotxoo] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [hloedjm] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [awkurpj] c:\windows\mtbxjxj.exe
O4 - HKCU\..\Run: [rpgmivk] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [knupdvw] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [wouefxt] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [cghkgek] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [jneqmuv] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [vxdfljc] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [ninjjyt] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [xdouyng] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [dmtdycs] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [juinvjc] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [sccnowi] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [tjcpyme] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [ihvtwit] c:\windows\pnktrvr.exe
O4 - HKCU\..\Run: [pcgtauy] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [eafeqee] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [kcohlvj] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [uclynyj] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [gvbrlmg] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [asasyko] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [cddinjv] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [jonkoiq] c:\windows\dfgojqo.exe
O4 - HKCU\..\Run: [srbrbxs] c:\windows\xtebgxf.exe
O4 - HKCU\..\Run: [ekdtcfc] c:\windows\xtebgxf.exe
O4 - HKCU\..\Run: [kunqkcr] c:\windows\xtebgxf.exe
O4 - HKCU\..\Run: [ydbpfpa] c:\windows\xtebgxf.exe
O4 - HKCU\..\Run: [glmtagq] c:\windows\pywkqyt.exe
O4 - HKCU\..\Run: [wupd] C:\WINDOWS\System32\win32.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Define - C:\WINDOWS\Web\ERS_DEF.HTM
O8 - Extra context menu item: &Search the Web - C:\WINDOWS\Web\ERS_SRC.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\WINDOWS\Web\ERS_ENC.HTM
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {E7038505-15CC-4791-A9EC-791EF81259D9} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {E7038505-15CC-4791-A9EC-791EF81259D9} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {C62DFDC7-2EEC-4C2C-827A-BC0BFB4260B3} (IMViewerControl Class) - http://companion.logitech.com/companion/logitech/ver1.4.0.1071/bin/imvid.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB969D0D-3337-4633-9F4B-D616FD5104F3}: NameServer = 205.188.146.145
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O21 - SSODL: System - {BA3B3B85-70B3-4C9D-B6BF-A5354C87F53A} - vr_sys.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe