showup2blowup
05-25-2005, 10:00 AM
First off thanks for any help:cheers
I have neglected my computer for some time. Now when i ran Avg i got the trojan horse kreppper.x. It has multiplied so much it is not able to finish scanning or heal itself. There probably is much more wrong with my computer also, with popups ect. Just realizing you got be a little more defensive. Here is my log. Thanks alot!!
Logfile of HijackThis v1.99.1
Scan saved at 9:28:22 AM, on 5/25/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\WINDOWS\System32\kxbvivhr5ytothd.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
C:\WINDOWS\System32\kernels32.exe
C:\program files\180search assistant\saap.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\vxgamet2.exe
C:\Documents and Settings\dominic dollar.DOMINIC\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://letgohome.com/sp.htm?id=533
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\DOMINI~1.DOM\LOCALS~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\DOMINI~1.DOM\LOCALS~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\kernels32.exe
O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\System32\.dll (file missing)
O2 - BHO: (no name) - {B21D783B-C53E-4BFF-96FB-2FA60320024A} - C:\WINDOWS\System32\ikmj.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [Nkkvghvj] C:\Program Files\Hbghfer\Tzyehi.exe
O4 - HKLM\..\Run: [Control handler] C:\WINDOWS\System32\kxbvivhr5ytothd.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{6994968E-48EB-4B73-BBD5-21457E3671F1}\SVCHOST.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels32.exe
O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s
O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe
O4 - HKLM\..\Run: [vcvwn] C:\WINDOWS\vcvwn.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {083CAF6C-A7EC-43EA-83D6-9022C0B1168C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {083CAF6C-A7EC-43EA-83D6-9022C0B1168C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {0D66D310-22A6-4E5F-A2F0-0D19AB08A04A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {0D66D310-22A6-4E5F-A2F0-0D19AB08A04A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {20BD1646-91F4-4E4C-8D51-F42E4344385B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {20BD1646-91F4-4E4C-8D51-F42E4344385B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {21F4ECB8-EC24-4E80-BF86-42BAC4FDFCC4} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {21F4ECB8-EC24-4E80-BF86-42BAC4FDFCC4} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {26B927AE-413D-4487-88B8-98A908461AE9} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {26B927AE-413D-4487-88B8-98A908461AE9} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2D87EB51-B400-4359-AD65-68EE1D229DEC} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2D87EB51-B400-4359-AD65-68EE1D229DEC} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {315694B7-F328-49BF-AEE7-D73A7495011C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {315694B7-F328-49BF-AEE7-D73A7495011C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {524C86A3-D3BA-49F9-A9D9-DDF01C01B6A6} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {524C86A3-D3BA-49F9-A9D9-DDF01C01B6A6} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {550C2790-628C-4CC2-87A8-578F70F53A6A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {550C2790-628C-4CC2-87A8-578F70F53A6A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5B1FC7FA-5274-4D7A-97DA-14329725C0A1} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5B1FC7FA-5274-4D7A-97DA-14329725C0A1} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5DCECE39-AFB1-4B2E-8CA3-E9AAEA51908A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5DCECE39-AFB1-4B2E-8CA3-E9AAEA51908A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {67FE8706-60AE-43E5-B219-3B9220F454A7} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {67FE8706-60AE-43E5-B219-3B9220F454A7} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {797F7D29-2199-4A41-B006-368EFC22D202} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {797F7D29-2199-4A41-B006-368EFC22D202} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {81607A16-75C3-4A12-91D6-EF1A0EEDB87E} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {81607A16-75C3-4A12-91D6-EF1A0EEDB87E} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {851E0541-4C10-440E-A5D9-CDD32A701B20} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {851E0541-4C10-440E-A5D9-CDD32A701B20} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {89902251-B84B-46B8-A183-A2DEF587FE0A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {89902251-B84B-46B8-A183-A2DEF587FE0A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {9BAFD298-EC51-4CD7-9D26-47594DFA48D1} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {9BAFD298-EC51-4CD7-9D26-47594DFA48D1} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC69A38E-D0BE-4F73-9D53-E228241F208D} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC69A38E-D0BE-4F73-9D53-E228241F208D} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B4452556-1EAC-486A-BFED-EA83D59F26F0} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B4452556-1EAC-486A-BFED-EA83D59F26F0} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B5C2C674-6AB4-4B83-B4BA-A6A386ABE64A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B5C2C674-6AB4-4B83-B4BA-A6A386ABE64A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B6916576-E0A1-4788-BC11-A616CF8CAC10} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B6916576-E0A1-4788-BC11-A616CF8CAC10} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B7E7D588-BC93-4003-8AD3-3B9D420FEEA6} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B7E7D588-BC93-4003-8AD3-3B9D420FEEA6} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {CDF18B90-DD8C-4DA3-B2A2-0C1336D79C12} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CDF18B90-DD8C-4DA3-B2A2-0C1336D79C12} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {CEBA2D99-DE8B-41BD-BC03-9503712143FF} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CEBA2D99-DE8B-41BD-BC03-9503712143FF} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D3A9B10F-59EB-4410-9FBF-2D8BCB72221F} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D3A9B10F-59EB-4410-9FBF-2D8BCB72221F} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DB984E34-0968-400B-A55C-BB277C0D6CE8} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DB984E34-0968-400B-A55C-BB277C0D6CE8} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DC5E907B-A58F-430D-8A82-A4E5DAA11C45} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DC5E907B-A58F-430D-8A82-A4E5DAA11C45} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DEDB68F9-CB5B-47F5-9657-373EE44E5C39} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DEDB68F9-CB5B-47F5-9657-373EE44E5C39} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {E9D58A5F-F642-404E-8F65-C7F0A74DED90} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {E9D58A5F-F642-404E-8F65-C7F0A74DED90} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {EA52A0EE-3E7E-4CE9-8187-DE90729D8625} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {EA52A0EE-3E7E-4CE9-8187-DE90729D8625} - (no file) (HKCU)
O12 - Plugin for .PDF: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://vparivalka.com/G7/chm10.chm::/ieloader.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c10.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51050F49-DFB7-4332-8DEA-5DC9E98D26E8}: NameServer = 216.195.47.98;
O17 - HKLM\System\CCS\Services\Tcpip\..\{B47BB460-8B11-4592-B38A-FB7598CE0BFC}: NameServer = 216.195.47.98;
O18 - Filter: text/html - {84E7BC47-D29E-4319-BB4B-0708A8491B23} - C:\WINDOWS\System32\ikmj.dll
O18 - Filter: text/plain - {84E7BC47-D29E-4319-BB4B-0708A8491B23} - C:\WINDOWS\System32\ikmj.dll
O20 - AppInit_DLLs: jhl1c4v3gcw.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: WUSB54Gv2SVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv2.exe (file missing)
I have neglected my computer for some time. Now when i ran Avg i got the trojan horse kreppper.x. It has multiplied so much it is not able to finish scanning or heal itself. There probably is much more wrong with my computer also, with popups ect. Just realizing you got be a little more defensive. Here is my log. Thanks alot!!
Logfile of HijackThis v1.99.1
Scan saved at 9:28:22 AM, on 5/25/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\WINDOWS\System32\kxbvivhr5ytothd.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
C:\WINDOWS\System32\kernels32.exe
C:\program files\180search assistant\saap.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\vxgamet2.exe
C:\Documents and Settings\dominic dollar.DOMINIC\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://letgohome.com/sp.htm?id=533
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\DOMINI~1.DOM\LOCALS~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\DOMINI~1.DOM\LOCALS~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\kernels32.exe
O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\System32\.dll (file missing)
O2 - BHO: (no name) - {B21D783B-C53E-4BFF-96FB-2FA60320024A} - C:\WINDOWS\System32\ikmj.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [Nkkvghvj] C:\Program Files\Hbghfer\Tzyehi.exe
O4 - HKLM\..\Run: [Control handler] C:\WINDOWS\System32\kxbvivhr5ytothd.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{6994968E-48EB-4B73-BBD5-21457E3671F1}\SVCHOST.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels32.exe
O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s
O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\saap.exe
O4 - HKLM\..\Run: [vcvwn] C:\WINDOWS\vcvwn.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {083CAF6C-A7EC-43EA-83D6-9022C0B1168C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {083CAF6C-A7EC-43EA-83D6-9022C0B1168C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {0D66D310-22A6-4E5F-A2F0-0D19AB08A04A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {0D66D310-22A6-4E5F-A2F0-0D19AB08A04A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {20BD1646-91F4-4E4C-8D51-F42E4344385B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {20BD1646-91F4-4E4C-8D51-F42E4344385B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {21F4ECB8-EC24-4E80-BF86-42BAC4FDFCC4} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {21F4ECB8-EC24-4E80-BF86-42BAC4FDFCC4} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {26B927AE-413D-4487-88B8-98A908461AE9} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {26B927AE-413D-4487-88B8-98A908461AE9} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2D87EB51-B400-4359-AD65-68EE1D229DEC} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2D87EB51-B400-4359-AD65-68EE1D229DEC} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {315694B7-F328-49BF-AEE7-D73A7495011C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {315694B7-F328-49BF-AEE7-D73A7495011C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {524C86A3-D3BA-49F9-A9D9-DDF01C01B6A6} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {524C86A3-D3BA-49F9-A9D9-DDF01C01B6A6} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {550C2790-628C-4CC2-87A8-578F70F53A6A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {550C2790-628C-4CC2-87A8-578F70F53A6A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5B1FC7FA-5274-4D7A-97DA-14329725C0A1} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5B1FC7FA-5274-4D7A-97DA-14329725C0A1} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5DCECE39-AFB1-4B2E-8CA3-E9AAEA51908A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5DCECE39-AFB1-4B2E-8CA3-E9AAEA51908A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {67FE8706-60AE-43E5-B219-3B9220F454A7} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {67FE8706-60AE-43E5-B219-3B9220F454A7} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {797F7D29-2199-4A41-B006-368EFC22D202} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {797F7D29-2199-4A41-B006-368EFC22D202} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {81607A16-75C3-4A12-91D6-EF1A0EEDB87E} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {81607A16-75C3-4A12-91D6-EF1A0EEDB87E} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {851E0541-4C10-440E-A5D9-CDD32A701B20} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {851E0541-4C10-440E-A5D9-CDD32A701B20} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {89902251-B84B-46B8-A183-A2DEF587FE0A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {89902251-B84B-46B8-A183-A2DEF587FE0A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {9BAFD298-EC51-4CD7-9D26-47594DFA48D1} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {9BAFD298-EC51-4CD7-9D26-47594DFA48D1} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC69A38E-D0BE-4F73-9D53-E228241F208D} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC69A38E-D0BE-4F73-9D53-E228241F208D} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B4452556-1EAC-486A-BFED-EA83D59F26F0} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B4452556-1EAC-486A-BFED-EA83D59F26F0} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B5C2C674-6AB4-4B83-B4BA-A6A386ABE64A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B5C2C674-6AB4-4B83-B4BA-A6A386ABE64A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B6916576-E0A1-4788-BC11-A616CF8CAC10} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B6916576-E0A1-4788-BC11-A616CF8CAC10} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {B7E7D588-BC93-4003-8AD3-3B9D420FEEA6} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {B7E7D588-BC93-4003-8AD3-3B9D420FEEA6} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {CDF18B90-DD8C-4DA3-B2A2-0C1336D79C12} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CDF18B90-DD8C-4DA3-B2A2-0C1336D79C12} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {CEBA2D99-DE8B-41BD-BC03-9503712143FF} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CEBA2D99-DE8B-41BD-BC03-9503712143FF} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D3A9B10F-59EB-4410-9FBF-2D8BCB72221F} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D3A9B10F-59EB-4410-9FBF-2D8BCB72221F} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DB984E34-0968-400B-A55C-BB277C0D6CE8} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DB984E34-0968-400B-A55C-BB277C0D6CE8} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DC5E907B-A58F-430D-8A82-A4E5DAA11C45} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DC5E907B-A58F-430D-8A82-A4E5DAA11C45} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DEDB68F9-CB5B-47F5-9657-373EE44E5C39} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DEDB68F9-CB5B-47F5-9657-373EE44E5C39} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {E9D58A5F-F642-404E-8F65-C7F0A74DED90} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {E9D58A5F-F642-404E-8F65-C7F0A74DED90} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {EA52A0EE-3E7E-4CE9-8187-DE90729D8625} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {EA52A0EE-3E7E-4CE9-8187-DE90729D8625} - (no file) (HKCU)
O12 - Plugin for .PDF: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://vparivalka.com/G7/chm10.chm::/ieloader.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c10.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51050F49-DFB7-4332-8DEA-5DC9E98D26E8}: NameServer = 216.195.47.98;
O17 - HKLM\System\CCS\Services\Tcpip\..\{B47BB460-8B11-4592-B38A-FB7598CE0BFC}: NameServer = 216.195.47.98;
O18 - Filter: text/html - {84E7BC47-D29E-4319-BB4B-0708A8491B23} - C:\WINDOWS\System32\ikmj.dll
O18 - Filter: text/plain - {84E7BC47-D29E-4319-BB4B-0708A8491B23} - C:\WINDOWS\System32\ikmj.dll
O20 - AppInit_DLLs: jhl1c4v3gcw.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: WUSB54Gv2SVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv2.exe (file missing)