 |  |  |  |  |  |  |  |
please help!
 |
A friend gave me an old computer of hers, I am having tons of trouble with it. Please advise! Here is my hijack log.
Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 9:31:13 PM, on 10/5/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\cnlhjh\yppoud.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\Winkeri.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\DownloadWare\dw.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\WINDOWS\System32\stcloader.exe
C:\WINDOWS\System32\winupdtl.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\ieswoa.exe
C:\WINDOWS\System32\pdii\orfrmt.exe
C:\WINDOWS\System32\ycphs\plwsplbo.exe
C:\WINDOWS\System32\hlgec\yirexd.exe
C:\WINDOWS\System32\xhhevxsx\ijxvki.exe
C:\WINDOWS\System32\ukem\lscoxog.exe
C:\WINDOWS\System32\ebcugpf\dxunrqp.exe
C:\WINDOWS\System32\yvpv\hpeqo.exe
C:\WINDOWS\System32\lqycd\lihvvjh.exe
C:\WINDOWS\System32\kjapkir\sgvq.exe
C:\WINDOWS\System32\sjxrv\tlnmhnc.exe
C:\WINDOWS\System32\usptamp\wfxbq.exe
C:\WINDOWS\System32\cxqm\gobpsu.exe
C:\WINDOWS\System32\rteq\jojw.exe
C:\WINDOWS\System32\mkktuum\fbfed.exe
C:\WINDOWS\System32\yygurocr\fktdya.exe
C:\WINDOWS\System32\wsvpsgj\wgsqgh.exe
C:\WINDOWS\System32\bfhlhx\jliawjd.exe
C:\WINDOWS\System32\dbwls\tawcjk.exe
C:\WINDOWS\System32\skuek\lqtucg.exe
C:\WINDOWS\System32\lbuaa\rattllj.exe
C:\WINDOWS\System32\keyjqsfv\auit.exe
C:\WINDOWS\System32\sxuonkxn\cdlbtxdf.exe
C:\WINDOWS\System32\wfuk\ngakdxv.exe
C:\WINDOWS\System32\fjistp\mntfhoj.exe
C:\WINDOWS\System32\lsjfltgk\uoky.exe
C:\WINDOWS\System32\bumeu\ktepq.exe
C:\WINDOWS\System32\xcber\mbok.exe
C:\WINDOWS\System32\bfryo\lfcdr.exe
C:\WINDOWS\System32\bhpdqt\kufeskd.exe
C:\WINDOWS\System32\pecpsa\xpfgi.exe
C:\WINDOWS\System32\ktyrr\wqpuiui.exe
C:\WINDOWS\System32\kilcbdpy\pxso.exe
C:\WINDOWS\System32\nrevv\rfdiymkj.exe
C:\WINDOWS\System32\bdsglann\wufrni.exe
C:\WINDOWS\System32\ijrnreon\jmnbmb.exe
C:\WINDOWS\System32\exttt\xpwcifcp.exe
C:\WINDOWS\System32\tqdjqpqw\klabffy.exe
C:\WINDOWS\System32\uaubcsuf\qkhekn.exe
C:\WINDOWS\System32\tjxlelb\bsdtwuyc.exe
C:\WINDOWS\System32\swibgru\rxdcmw.exe
C:\WINDOWS\System32\iere\qdpcycvb.exe
C:\WINDOWS\System32\uobg\dugo.exe
C:\WINDOWS\System32\rqrctrc\hnuek.exe
C:\WINDOWS\System32\ecan\adajkbw.exe
C:\WINDOWS\System32\bcijsbe\qnlqe.exe
C:\WINDOWS\System32\tfkkhnu\dmkm.exe
C:\WINDOWS\System32\hsibgne\owbkbuuk.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINDOWS\System32\lxubnh\vnpgiw.exe
C:\WINDOWS\System32\vpgy\jsyjgu.exe
C:\WINDOWS\System32\epof\hlge.exe
C:\WINDOWS\System32\yjpim\jteey.exe
C:\WINDOWS\System32\bein\toebkalo.exe
C:\WINDOWS\System32\ytkai\udbu.exe
C:\WINDOWS\System32\almo\ylbj.exe
C:\WINDOWS\System32\ntgfo\jmlriwcv.exe
C:\WINDOWS\System32\ktyty\iaes.exe
C:\WINDOWS\System32\cynkxm\rhbrqbc.exe
C:\WINDOWS\System32\dwnlgold\frytrsyy.exe
C:\WINDOWS\System32\vsydemu\bsvy.exe
C:\WINDOWS\System32\rumgi\vefw.exe
C:\WINDOWS\System32\lpsufgx\xbajkobs.exe
C:\WINDOWS\System32\ykypp\tvkg.exe
C:\WINDOWS\System32\oomjrte\sikuiyb.exe
C:\WINDOWS\System32\bmjk\oluhc.exe
C:\WINDOWS\System32\rtjbrdwb\klesuwt.exe
C:\WINDOWS\System32\fddw\hxfrljvu.exe
C:\WINDOWS\System32\txkumd\eaxvbx.exe
C:\WINDOWS\System32\topteyx\rhoyqgi.exe
C:\WINDOWS\System32\yeiy\yjhg.exe
C:\WINDOWS\System32\rjenws\uyghrac.exe
C:\WINDOWS\System32\bmtbf\xeoc.exe
C:\WINDOWS\System32\bkkbmhqy\grmmbts.exe
C:\WINDOWS\System32\gyhe\erowp.exe
C:\WINDOWS\System32\tfrqxjou\oiqlfjqf.exe
C:\WINDOWS\System32\yasabv\gyjvy.exe
C:\WINDOWS\System32\pmlmjobm\pfre.exe
C:\WINDOWS\System32\pmkdb\cmgyv.exe
C:\WINDOWS\System32\eubrlcjr\drhy.exe
C:\WINDOWS\System32\ctytarr\igtk.exe
C:\WINDOWS\System32\vuqjmgt\evofcqjc.exe
C:\WINDOWS\System32\wxglwmb\rknbxqrf.exe
C:\WINDOWS\System32\jfnonr\cewiw.exe
C:\WINDOWS\System32\tuphw\nsnel.exe
C:\WINDOWS\System32\hfgukg\ebwknq.exe
C:\WINDOWS\System32\jsymflg\lblggy.exe
C:\WINDOWS\System32\qwooeqx\xgqxjayd.exe
C:\WINDOWS\System32\vylg\jwxexbfb.exe
C:\WINDOWS\System32\dteg\hitiponr.exe
C:\WINDOWS\System32\emwbw\onlf.exe
C:\WINDOWS\System32\dnlniej\pjnpqpag.exe
C:\WINDOWS\System32\fgmicmk\oxdl.exe
C:\WINDOWS\System32\dkiq\qxlyip.exe
C:\WINDOWS\System32\aecvxtnj\kfaalr.exe
c:\progra~1\Support.com\client\bin\tgcmd.exe
C:\WINDOWS\System32\tilu\sarokk.exe
C:\WINDOWS\System32\cryv\jufa.exe
C:\WINDOWS\System32\wyxkboyg\mjrgsjo.exe
C:\WINDOWS\System32\breiclle\kallxig.exe
C:\WINDOWS\System32\olhova\ifilnqdk.exe
C:\WINDOWS\System32\qvlrfu\pdirwge.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\CxtPls\CxtPls.exe
C:\Program Files\America Online 7.0a\waol.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\System32\MsgSys.EXE
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\WINDOWS\System32\MOStat.exe
C:\Documents and Settings\Amanda\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://url.cpvfeed.com/cpv.jsp?p=110...uestId=4a2???? (obfuscated)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 216.39.69.102 view.atdmt.com
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: Network Essentials - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\Program Files\Network Essentials\v16\NE.DLL
O2 - BHO: TChkBHO Class - {2A1FF118-2679-4E66-8768-86F60AD490A2} - C:\WINDOWS\system32\iyxiu.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Zango Search Assistant Helper - {56F1D444-11BF-4879-A12B-79CF0177F038} - c:\program files\zango\zangohook.dll (file missing)
O2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\Program Files\Qlinks\qlink32.dll
O2 - BHO: (no name) - {8C0ACE31-734A-392C-F30E-9FBD7BB0A5E3} - C:\WINDOWS\System32\pysswhdr\xtdgcuqb.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll
O2 - BHO: IEHlprObj Class - {B78DB909-E6CE-4B4E-A582-C7CBA8D738C8} - C:\WINDOWS\system32\mob030612.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe
O4 - HKLM\..\Run: [MovieNetworks] "C:\Program Files\MovieNetworks\MovieNetworks.exe" /H
O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [stcloader] C:\WINDOWS\System32\stcloader.exe
O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\System32\winupdtl.exe
O4 - HKLM\..\Run: [VBouncerDL] C:\Program Files\VBouncer\VBouncerInner.exe /S
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [t7rg37V] ieswoa.exe
O4 - HKLM\..\Run: [PMT] C:\Program Files\PMT\personalmoneytree.exe
O4 - HKLM\..\Run: [jelmliv] C:\WINDOWS\System32\ymyj\jelmliv.exe
O4 - HKLM\..\Run: [abfiy] C:\WINDOWS\System32\omwqi\abfiy.exe
O4 - HKLM\..\Run: [iffi] C:\WINDOWS\System32\xytj\iffi.exe
O4 - HKLM\..\Run: [rghhfgub] C:\WINDOWS\System32\nhsx\rghhfgub.exe
O4 - HKLM\..\Run: [ursm] C:\WINDOWS\System32\xhhlvmev\ursm.exe
O4 - HKLM\..\Run: [yirexd] C:\WINDOWS\System32\hlgec\yirexd.exe
O4 - HKLM\..\Run: [rrwndlpg] C:\WINDOWS\System32\miedvl\rrwndlpg.exe
O4 - HKLM\..\Run: [sbrgsv] C:\WINDOWS\System32\esqocfk\sbrgsv.exe
O4 - HKLM\..\Run: [kkgfxx] C:\WINDOWS\System32\egws\kkgfxx.exe
O4 - HKLM\..\Run: [lacjwxg] C:\WINDOWS\System32\xvgtxci\lacjwxg.exe
O4 - HKLM\..\Run: [edecjkoj] C:\WINDOWS\System32\nbuo\edecjkoj.exe
O4 - HKLM\..\Run: [lscoxog] C:\WINDOWS\System32\ukem\lscoxog.exe
O4 - HKLM\..\Run: [dxunrqp] C:\WINDOWS\System32\ebcugpf\dxunrqp.exe
O4 - HKLM\..\Run: [luhvjtg] C:\WINDOWS\System32\qpkeg\luhvjtg.exe
O4 - HKLM\..\Run: [hpeqo] C:\WINDOWS\System32\yvpv\hpeqo.exe
O4 - HKLM\..\Run: [lihvvjh] C:\WINDOWS\System32\lqycd\lihvvjh.exe
O4 - HKLM\..\Run: [sgvq] C:\WINDOWS\System32\kjapkir\sgvq.exe
O4 - HKLM\..\Run: [xfads] C:\WINDOWS\System32\wthvpx\xfads.exe
O4 - HKLM\..\Run: [tlnmhnc] C:\WINDOWS\System32\sjxrv\tlnmhnc.exe
O4 - HKLM\..\Run: [xgjwfmt] C:\WINDOWS\System32\bafjn\xgjwfmt.exe
O4 - HKLM\..\Run: [gobpsu] C:\WINDOWS\System32\cxqm\gobpsu.exe
O4 - HKLM\..\Run: [jojw] C:\WINDOWS\System32\rteq\jojw.exe
O4 - HKLM\..\Run: [fbfed] C:\WINDOWS\System32\mkktuum\fbfed.exe
O4 - HKLM\..\Run: [fktdya] C:\WINDOWS\System32\yygurocr\fktdya.exe
O4 - HKLM\..\Run: [wgsqgh] C:\WINDOWS\System32\wsvpsgj\wgsqgh.exe
O4 - HKLM\..\Run: [jliawjd] C:\WINDOWS\System32\bfhlhx\jliawjd.exe
O4 - HKLM\..\Run: [tawcjk] C:\WINDOWS\System32\dbwls\tawcjk.exe
O4 - HKLM\..\Run: [lqtucg] C:\WINDOWS\System32\skuek\lqtucg.exe
O4 - HKLM\..\Run: [rattllj] C:\WINDOWS\System32\lbuaa\rattllj.exe
O4 - HKLM\..\Run: [auit] C:\WINDOWS\System32\keyjqsfv\auit.exe
O4 - HKLM\..\Run: [cdlbtxdf] C:\WINDOWS\System32\sxuonkxn\cdlbtxdf.exe
O4 - HKLM\..\Run: [ngakdxv] C:\WINDOWS\System32\wfuk\ngakdxv.exe
O4 - HKLM\..\Run: [pfgfsap] C:\WINDOWS\System32\dtcbodm\pfgfsap.exe
O4 - HKLM\..\Run: [pnfgdvy] C:\WINDOWS\System32\bmxwgk\pnfgdvy.exe
O4 - HKLM\..\Run: [mntfhoj] C:\WINDOWS\System32\fjistp\mntfhoj.exe
O4 - HKLM\..\Run: [uoky] C:\WINDOWS\System32\lsjfltgk\uoky.exe
O4 - HKLM\..\Run: [ktepq] C:\WINDOWS\System32\bumeu\ktepq.exe
O4 - HKLM\..\Run: [mbok] C:\WINDOWS\System32\xcber\mbok.exe
O4 - HKLM\..\Run: [lfcdr] C:\WINDOWS\System32\bfryo\lfcdr.exe
O4 - HKLM\..\Run: [kufeskd] C:\WINDOWS\System32\bhpdqt\kufeskd.exe
O4 - HKLM\..\Run: [xpfgi] C:\WINDOWS\System32\pecpsa\xpfgi.exe
O4 - HKLM\..\Run: [wqpuiui] C:\WINDOWS\System32\ktyrr\wqpuiui.exe
O4 - HKLM\..\Run: [pxso] C:\WINDOWS\System32\kilcbdpy\pxso.exe
O4 - HKLM\..\Run: [hkywnop] C:\WINDOWS\System32\gvtd\hkywnop.exe
O4 - HKLM\..\Run: [aenloen] C:\WINDOWS\System32\hfnydlkd\aenloen.exe
O4 - HKLM\..\Run: [rfdiymkj] C:\WINDOWS\System32\nrevv\rfdiymkj.exe
O4 - HKLM\..\Run: [wufrni] C:\WINDOWS\System32\bdsglann\wufrni.exe
O4 - HKLM\..\Run: [jmnbmb] C:\WINDOWS\System32\ijrnreon\jmnbmb.exe
O4 - HKLM\..\Run: [bqvvcc] C:\WINDOWS\System32\rapjn\bqvvcc.exe
O4 - HKLM\..\Run: [krqfmdyq] C:\WINDOWS\System32\rpixe\krqfmdyq.exe
O4 - HKLM\..\Run: [xpwcifcp] C:\WINDOWS\System32\exttt\xpwcifcp.exe
O4 - HKLM\..\Run: [klabffy] C:\WINDOWS\System32\tqdjqpqw\klabffy.exe
O4 - HKLM\..\Run: [qkhekn] C:\WINDOWS\System32\uaubcsuf\qkhekn.exe
O4 - HKLM\..\Run: [bsdtwuyc] C:\WINDOWS\System32\tjxlelb\bsdtwuyc.exe
O4 - HKLM\..\Run: [rxdcmw] C:\WINDOWS\System32\swibgru\rxdcmw.exe
O4 - HKLM\..\Run: [qdpcycvb] C:\WINDOWS\System32\iere\qdpcycvb.exe
O4 - HKLM\..\Run: [dugo] C:\WINDOWS\System32\uobg\dugo.exe
O4 - HKLM\..\Run: [hnuek] C:\WINDOWS\System32\rqrctrc\hnuek.exe
O4 - HKLM\..\Run: [adajkbw] C:\WINDOWS\System32\ecan\adajkbw.exe
O4 - HKLM\..\Run: [fyuefwc] C:\WINDOWS\System32\wknlv\fyuefwc.exe
O4 - HKLM\..\Run: [qnlqe] C:\WINDOWS\System32\bcijsbe\qnlqe.exe
O4 - HKLM\..\Run: [dmkm] C:\WINDOWS\System32\tfkkhnu\dmkm.exe
O4 - HKLM\..\Run: [qukhopd] C:\WINDOWS\System32\jdkefpy\qukhopd.exe
O4 - HKLM\..\Run: [owbkbuuk] C:\WINDOWS\System32\hsibgne\owbkbuuk.exe
O4 - HKLM\..\Run: [fyusp] C:\WINDOWS\System32\axoolby\fyusp.exe
O4 - HKLM\..\Run: [fvaxmh] C:\WINDOWS\System32\ckdeeebs\fvaxmh.exe
O4 - HKLM\..\Run: [NI.UWFX6_0001_N68M2301] "C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller.exe" -nag
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [vnpgiw] C:\WINDOWS\System32\lxubnh\vnpgiw.exe
O4 - HKLM\..\Run: [jsyjgu] C:\WINDOWS\System32\vpgy\jsyjgu.exe
O4 - HKLM\..\Run: [hlge] C:\WINDOWS\System32\epof\hlge.exe
O4 - HKLM\..\Run: [tujlkwg] C:\WINDOWS\System32\jdsmrhu\tujlkwg.exe
O4 - HKLM\..\Run: [aqpb] C:\WINDOWS\System32\sbqrr\aqpb.exe
O4 - HKLM\..\Run: [npqvuf] C:\WINDOWS\System32\kjqix\npqvuf.exe
O4 - HKLM\..\Run: [jteey] C:\WINDOWS\System32\yjpim\jteey.exe
O4 - HKLM\..\Run: [toebkalo] C:\WINDOWS\System32\bein\toebkalo.exe
O4 - HKLM\..\Run: [udbu] C:\WINDOWS\System32\ytkai\udbu.exe
O4 - HKLM\..\Run: [ylbj] C:\WINDOWS\System32\almo\ylbj.exe
O4 - HKLM\..\Run: [iaes] C:\WINDOWS\System32\ktyty\iaes.exe
O4 - HKLM\..\Run: [rhbrqbc] C:\WINDOWS\System32\cynkxm\rhbrqbc.exe
O4 - HKLM\..\Run: [njuhcqy] C:\WINDOWS\System32\wfwqme\njuhcqy.exe
O4 - HKLM\..\Run: [frytrsyy] C:\WINDOWS\System32\dwnlgold\frytrsyy.exe
O4 - HKLM\..\Run: [bsvy] C:\WINDOWS\System32\vsydemu\bsvy.exe
O4 - HKLM\..\Run: [vefw] C:\WINDOWS\System32\rumgi\vefw.exe
O4 - HKLM\..\Run: [uhye] C:\WINDOWS\System32\dcoavh\uhye.exe
O4 - HKLM\..\Run: [hnyeb] C:\WINDOWS\System32\ogef\hnyeb.exe
O4 - HKLM\..\Run: [xbajkobs] C:\WINDOWS\System32\lpsufgx\xbajkobs.exe
O4 - HKLM\..\Run: [tvkg] C:\WINDOWS\System32\ykypp\tvkg.exe
O4 - HKLM\..\Run: [nakf] C:\WINDOWS\System32\naxrjsgk\nakf.exe
O4 - HKLM\..\Run: [hbrqvo] C:\WINDOWS\System32\jrcy\hbrqvo.exe
O4 - HKLM\..\Run: [xojddul] C:\WINDOWS\System32\jgvnsdti\xojddul.exe
O4 - HKLM\..\Run: [sikuiyb] C:\WINDOWS\System32\oomjrte\sikuiyb.exe
O4 - HKLM\..\Run: [oluhc] C:\WINDOWS\System32\bmjk\oluhc.exe
O4 - HKLM\..\Run: [klesuwt] C:\WINDOWS\System32\rtjbrdwb\klesuwt.exe
O4 - HKLM\..\Run: [jyhr] C:\WINDOWS\System32\ssej\jyhr.exe
O4 - HKLM\..\Run: [hxfrljvu] C:\WINDOWS\System32\fddw\hxfrljvu.exe
O4 - HKLM\..\Run: [eaxvbx] C:\WINDOWS\System32\txkumd\eaxvbx.exe
O4 - HKLM\..\Run: [rhoyqgi] C:\WINDOWS\System32\topteyx\rhoyqgi.exe
O4 - HKLM\..\Run: [yjhg] C:\WINDOWS\System32\yeiy\yjhg.exe
O4 - HKLM\..\Run: [uyghrac] C:\WINDOWS\System32\rjenws\uyghrac.exe
O4 - HKLM\..\Run: [xeoc] C:\WINDOWS\System32\bmtbf\xeoc.exe
O4 - HKLM\..\Run: [grmmbts] C:\WINDOWS\System32\bkkbmhqy\grmmbts.exe
O4 - HKLM\..\Run: [erowp] C:\WINDOWS\System32\gyhe\erowp.exe
O4 - HKLM\..\Run: [oiqlfjqf] C:\WINDOWS\System32\tfrqxjou\oiqlfjqf.exe
O4 - HKLM\..\Run: [gyjvy] C:\WINDOWS\System32\yasabv\gyjvy.exe
O4 - HKLM\..\Run: [nkxeg] C:\WINDOWS\System32\yldoxpe\nkxeg.exe
O4 - HKLM\..\Run: [pfre] C:\WINDOWS\System32\pmlmjobm\pfre.exe
O4 - HKLM\..\Run: [chovumj] C:\WINDOWS\System32\sijao\chovumj.exe
O4 - HKLM\..\Run: [cmgyv] C:\WINDOWS\System32\pmkdb\cmgyv.exe
O4 - HKLM\..\Run: [lrvgtso] C:\WINDOWS\System32\gdukikk\lrvgtso.exe
O4 - HKLM\..\Run: [drhy] C:\WINDOWS\System32\eubrlcjr\drhy.exe
O4 - HKLM\..\Run: [igtk] C:\WINDOWS\System32\ctytarr\igtk.exe
O4 - HKLM\..\Run: [evofcqjc] C:\WINDOWS\System32\vuqjmgt\evofcqjc.exe
O4 - HKLM\..\Run: [tqieq] C:\WINDOWS\System32\ehwfntch\tqieq.exe
O4 - HKLM\..\Run: [rknbxqrf] C:\WINDOWS\System32\wxglwmb\rknbxqrf.exe
O4 - HKLM\..\Run: [cewiw] C:\WINDOWS\System32\jfnonr\cewiw.exe
O4 - HKLM\..\Run: [nsnel] C:\WINDOWS\System32\tuphw\nsnel.exe
O4 - HKLM\..\Run: [ebwknq] C:\WINDOWS\System32\hfgukg\ebwknq.exe
O4 - HKLM\..\Run: [lblggy] C:\WINDOWS\System32\jsymflg\lblggy.exe
O4 - HKLM\..\Run: [xgqxjayd] C:\WINDOWS\System32\qwooeqx\xgqxjayd.exe
O4 - HKLM\..\Run: [jwxexbfb] C:\WINDOWS\System32\vylg\jwxexbfb.exe
O4 - HKLM\..\Run: [hrbupnuo] C:\WINDOWS\System32\tfnujd\hrbupnuo.exe
O4 - HKLM\..\Run: [hitiponr] C:\WINDOWS\System32\dteg\hitiponr.exe
O4 - HKLM\..\Run: [wfxbq] C:\WINDOWS\System32\usptamp\wfxbq.exe
O4 - HKLM\..\Run: [onlf] C:\WINDOWS\System32\emwbw\onlf.exe
O4 - HKLM\..\Run: [pjnpqpag] C:\WINDOWS\System32\dnlniej\pjnpqpag.exe
O4 - HKLM\..\Run: [oxdl] C:\WINDOWS\System32\fgmicmk\oxdl.exe
O4 - HKLM\..\Run: [qxlyip] C:\WINDOWS\System32\dkiq\qxlyip.exe
O4 - HKLM\..\Run: [kfaalr] C:\WINDOWS\System32\aecvxtnj\kfaalr.exe
O4 - HKLM\..\Run: [sarokk] C:\WINDOWS\System32\tilu\sarokk.exe
O4 - HKLM\..\Run: [yppoud] C:\WINDOWS\System32\cnlhjh\yppoud.exe
O4 - HKLM\..\Run: [ijxvki] C:\WINDOWS\System32\xhhevxsx\ijxvki.exe
O4 - HKLM\..\Run: [jufa] C:\WINDOWS\System32\cryv\jufa.exe
O4 - HKLM\..\Run: [mjrgsjo] C:\WINDOWS\System32\wyxkboyg\mjrgsjo.exe
O4 - HKLM\..\Run: [kallxig] C:\WINDOWS\System32\breiclle\kallxig.exe
O4 - HKLM\..\Run: [ifilnqdk] C:\WINDOWS\System32\olhova\ifilnqdk.exe
O4 - HKLM\..\Run: [pdirwge] C:\WINDOWS\System32\qvlrfu\pdirwge.exe
O4 - HKLM\..\Run: [orfrmt] C:\WINDOWS\System32\pdii\orfrmt.exe
O4 - HKLM\..\Run: [plwsplbo] C:\WINDOWS\System32\ycphs\plwsplbo.exe
O4 - HKLM\..\Run: [jmlriwcv] C:\WINDOWS\System32\ntgfo\jmlriwcv.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0a\aoltray.exe
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: *.crosskirknet.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.filesharingaccess.com (HKLM)
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: *.gimmysmileys.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.kabum.pl (HKLM)
O15 - Trusted Zone: *.kazaa-forum.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O15 - Trusted Zone: *.traffic-stats.org (HKLM)
O15 - Trusted Zone: *.winantivirus.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.pbcprc.com/CFIDE/classes/CFJava.cab
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nenenc.mht!http://crosskirknet.com/script/cnet.chm::/cnet.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.sharewareonline.com/...er/Install.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_mp3.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://lovefreegames.aavalue.com/LFG...FG-toolbar.cab
O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} (IObjSafety.DemoCtl) - ms-its:mhtml:file://c:\nenenm.mht!http://crosskirknet.com/script/mma.chm::/alien.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zang...ridge-c139.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - http://start1.aaa1screensavers.com/10078.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - ms-its:mhtml:file://c:\nenent.mht!http://crosskirknet.com/script/mta.c...sInstaller.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - ms-its:mhtml:file://c:\nenenw.mht!http://crosskirknet.com/script/winfi...reeInstall.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.31/ttinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O16 - DPF: {EB6AFDAB-E16D-430B-A5EE-0408A12289DC} - http://download.mediacharger.com/movienetworks.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C7A1227-FF2A-4F4C-9D89-B27BCD830995}: NameServer = 205.188.146.145
O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\Program Files\Qlinks\qlink32.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: aqpbsbqrr - Unknown owner - C:\WINDOWS\System32\sbqrr\aqpb.exe
O23 - Service: bqvvccrapjn - Unknown owner - C:\WINDOWS\System32\rapjn\bqvvcc.exe
O23 - Service: DefWatch - Unknown owner - C:\Program Files\NavNT\defwatch.exe (file missing)
O23 - Service: fyuspaxoolby - Unknown owner - C:\WINDOWS\System32\axoolby\fyusp.exe
O23 - Service: hnyebogef - Unknown owner - C:\WINDOWS\System32\ogef\hnyeb.exe
O23 - Service: jyhrssej - Unknown owner - C:\WINDOWS\System32\ssej\jyhr.exe
O23 - Service: krqfmdyqrpixe - Unknown owner - C:\WINDOWS\System32\rpixe\krqfmdyq.exe
O23 - Service: lacjwxgxvgtxci - Unknown owner - C:\WINDOWS\System32\xvgtxci\lacjwxg.exe
O23 - Service: luhvjtgqpkeg - Unknown owner - C:\WINDOWS\System32\qpkeg\luhvjtg.exe
O23 - Service: pnfgdvybmxwgk - Unknown owner - C:\WINDOWS\System32\bmxwgk\pnfgdvy.exe
O23 - Service: qukhopdjdkefpy - Unknown owner - C:\WINDOWS\System32\jdkefpy\qukhopd.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: ursmxhhlvmev - Unknown owner - C:\WINDOWS\System32\xhhlvmev\ursm.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Winkeri - Unknown owner - C:\WINDOWS\System32\Winkeri.exe
O23 - Service: xgjwfmtbafjn - Unknown owner - C:\WINDOWS\System32\bafjn\xgjwfmt.exe
O23 - Service: yppoudcnlhjh - Unknown owner - C:\WINDOWS\System32\cnlhjh\yppoud.exe
Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 9:31:13 PM, on 10/5/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\cnlhjh\yppoud.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\Winkeri.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\DownloadWare\dw.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\WINDOWS\System32\stcloader.exe
C:\WINDOWS\System32\winupdtl.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\ieswoa.exe
C:\WINDOWS\System32\pdii\orfrmt.exe
C:\WINDOWS\System32\ycphs\plwsplbo.exe
C:\WINDOWS\System32\hlgec\yirexd.exe
C:\WINDOWS\System32\xhhevxsx\ijxvki.exe
C:\WINDOWS\System32\ukem\lscoxog.exe
C:\WINDOWS\System32\ebcugpf\dxunrqp.exe
C:\WINDOWS\System32\yvpv\hpeqo.exe
C:\WINDOWS\System32\lqycd\lihvvjh.exe
C:\WINDOWS\System32\kjapkir\sgvq.exe
C:\WINDOWS\System32\sjxrv\tlnmhnc.exe
C:\WINDOWS\System32\usptamp\wfxbq.exe
C:\WINDOWS\System32\cxqm\gobpsu.exe
C:\WINDOWS\System32\rteq\jojw.exe
C:\WINDOWS\System32\mkktuum\fbfed.exe
C:\WINDOWS\System32\yygurocr\fktdya.exe
C:\WINDOWS\System32\wsvpsgj\wgsqgh.exe
C:\WINDOWS\System32\bfhlhx\jliawjd.exe
C:\WINDOWS\System32\dbwls\tawcjk.exe
C:\WINDOWS\System32\skuek\lqtucg.exe
C:\WINDOWS\System32\lbuaa\rattllj.exe
C:\WINDOWS\System32\keyjqsfv\auit.exe
C:\WINDOWS\System32\sxuonkxn\cdlbtxdf.exe
C:\WINDOWS\System32\wfuk\ngakdxv.exe
C:\WINDOWS\System32\fjistp\mntfhoj.exe
C:\WINDOWS\System32\lsjfltgk\uoky.exe
C:\WINDOWS\System32\bumeu\ktepq.exe
C:\WINDOWS\System32\xcber\mbok.exe
C:\WINDOWS\System32\bfryo\lfcdr.exe
C:\WINDOWS\System32\bhpdqt\kufeskd.exe
C:\WINDOWS\System32\pecpsa\xpfgi.exe
C:\WINDOWS\System32\ktyrr\wqpuiui.exe
C:\WINDOWS\System32\kilcbdpy\pxso.exe
C:\WINDOWS\System32\nrevv\rfdiymkj.exe
C:\WINDOWS\System32\bdsglann\wufrni.exe
C:\WINDOWS\System32\ijrnreon\jmnbmb.exe
C:\WINDOWS\System32\exttt\xpwcifcp.exe
C:\WINDOWS\System32\tqdjqpqw\klabffy.exe
C:\WINDOWS\System32\uaubcsuf\qkhekn.exe
C:\WINDOWS\System32\tjxlelb\bsdtwuyc.exe
C:\WINDOWS\System32\swibgru\rxdcmw.exe
C:\WINDOWS\System32\iere\qdpcycvb.exe
C:\WINDOWS\System32\uobg\dugo.exe
C:\WINDOWS\System32\rqrctrc\hnuek.exe
C:\WINDOWS\System32\ecan\adajkbw.exe
C:\WINDOWS\System32\bcijsbe\qnlqe.exe
C:\WINDOWS\System32\tfkkhnu\dmkm.exe
C:\WINDOWS\System32\hsibgne\owbkbuuk.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINDOWS\System32\lxubnh\vnpgiw.exe
C:\WINDOWS\System32\vpgy\jsyjgu.exe
C:\WINDOWS\System32\epof\hlge.exe
C:\WINDOWS\System32\yjpim\jteey.exe
C:\WINDOWS\System32\bein\toebkalo.exe
C:\WINDOWS\System32\ytkai\udbu.exe
C:\WINDOWS\System32\almo\ylbj.exe
C:\WINDOWS\System32\ntgfo\jmlriwcv.exe
C:\WINDOWS\System32\ktyty\iaes.exe
C:\WINDOWS\System32\cynkxm\rhbrqbc.exe
C:\WINDOWS\System32\dwnlgold\frytrsyy.exe
C:\WINDOWS\System32\vsydemu\bsvy.exe
C:\WINDOWS\System32\rumgi\vefw.exe
C:\WINDOWS\System32\lpsufgx\xbajkobs.exe
C:\WINDOWS\System32\ykypp\tvkg.exe
C:\WINDOWS\System32\oomjrte\sikuiyb.exe
C:\WINDOWS\System32\bmjk\oluhc.exe
C:\WINDOWS\System32\rtjbrdwb\klesuwt.exe
C:\WINDOWS\System32\fddw\hxfrljvu.exe
C:\WINDOWS\System32\txkumd\eaxvbx.exe
C:\WINDOWS\System32\topteyx\rhoyqgi.exe
C:\WINDOWS\System32\yeiy\yjhg.exe
C:\WINDOWS\System32\rjenws\uyghrac.exe
C:\WINDOWS\System32\bmtbf\xeoc.exe
C:\WINDOWS\System32\bkkbmhqy\grmmbts.exe
C:\WINDOWS\System32\gyhe\erowp.exe
C:\WINDOWS\System32\tfrqxjou\oiqlfjqf.exe
C:\WINDOWS\System32\yasabv\gyjvy.exe
C:\WINDOWS\System32\pmlmjobm\pfre.exe
C:\WINDOWS\System32\pmkdb\cmgyv.exe
C:\WINDOWS\System32\eubrlcjr\drhy.exe
C:\WINDOWS\System32\ctytarr\igtk.exe
C:\WINDOWS\System32\vuqjmgt\evofcqjc.exe
C:\WINDOWS\System32\wxglwmb\rknbxqrf.exe
C:\WINDOWS\System32\jfnonr\cewiw.exe
C:\WINDOWS\System32\tuphw\nsnel.exe
C:\WINDOWS\System32\hfgukg\ebwknq.exe
C:\WINDOWS\System32\jsymflg\lblggy.exe
C:\WINDOWS\System32\qwooeqx\xgqxjayd.exe
C:\WINDOWS\System32\vylg\jwxexbfb.exe
C:\WINDOWS\System32\dteg\hitiponr.exe
C:\WINDOWS\System32\emwbw\onlf.exe
C:\WINDOWS\System32\dnlniej\pjnpqpag.exe
C:\WINDOWS\System32\fgmicmk\oxdl.exe
C:\WINDOWS\System32\dkiq\qxlyip.exe
C:\WINDOWS\System32\aecvxtnj\kfaalr.exe
c:\progra~1\Support.com\client\bin\tgcmd.exe
C:\WINDOWS\System32\tilu\sarokk.exe
C:\WINDOWS\System32\cryv\jufa.exe
C:\WINDOWS\System32\wyxkboyg\mjrgsjo.exe
C:\WINDOWS\System32\breiclle\kallxig.exe
C:\WINDOWS\System32\olhova\ifilnqdk.exe
C:\WINDOWS\System32\qvlrfu\pdirwge.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\CxtPls\CxtPls.exe
C:\Program Files\America Online 7.0a\waol.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\System32\MsgSys.EXE
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\WINDOWS\System32\MOStat.exe
C:\Documents and Settings\Amanda\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://url.cpvfeed.com/cpv.jsp?p=110...uestId=4a2???? (obfuscated)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 216.39.69.102 view.atdmt.com
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: Network Essentials - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\Program Files\Network Essentials\v16\NE.DLL
O2 - BHO: TChkBHO Class - {2A1FF118-2679-4E66-8768-86F60AD490A2} - C:\WINDOWS\system32\iyxiu.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Zango Search Assistant Helper - {56F1D444-11BF-4879-A12B-79CF0177F038} - c:\program files\zango\zangohook.dll (file missing)
O2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\Program Files\Qlinks\qlink32.dll
O2 - BHO: (no name) - {8C0ACE31-734A-392C-F30E-9FBD7BB0A5E3} - C:\WINDOWS\System32\pysswhdr\xtdgcuqb.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll
O2 - BHO: IEHlprObj Class - {B78DB909-E6CE-4B4E-A582-C7CBA8D738C8} - C:\WINDOWS\system32\mob030612.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe
O4 - HKLM\..\Run: [MovieNetworks] "C:\Program Files\MovieNetworks\MovieNetworks.exe" /H
O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [stcloader] C:\WINDOWS\System32\stcloader.exe
O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\System32\winupdtl.exe
O4 - HKLM\..\Run: [VBouncerDL] C:\Program Files\VBouncer\VBouncerInner.exe /S
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [t7rg37V] ieswoa.exe
O4 - HKLM\..\Run: [PMT] C:\Program Files\PMT\personalmoneytree.exe
O4 - HKLM\..\Run: [jelmliv] C:\WINDOWS\System32\ymyj\jelmliv.exe
O4 - HKLM\..\Run: [abfiy] C:\WINDOWS\System32\omwqi\abfiy.exe
O4 - HKLM\..\Run: [iffi] C:\WINDOWS\System32\xytj\iffi.exe
O4 - HKLM\..\Run: [rghhfgub] C:\WINDOWS\System32\nhsx\rghhfgub.exe
O4 - HKLM\..\Run: [ursm] C:\WINDOWS\System32\xhhlvmev\ursm.exe
O4 - HKLM\..\Run: [yirexd] C:\WINDOWS\System32\hlgec\yirexd.exe
O4 - HKLM\..\Run: [rrwndlpg] C:\WINDOWS\System32\miedvl\rrwndlpg.exe
O4 - HKLM\..\Run: [sbrgsv] C:\WINDOWS\System32\esqocfk\sbrgsv.exe
O4 - HKLM\..\Run: [kkgfxx] C:\WINDOWS\System32\egws\kkgfxx.exe
O4 - HKLM\..\Run: [lacjwxg] C:\WINDOWS\System32\xvgtxci\lacjwxg.exe
O4 - HKLM\..\Run: [edecjkoj] C:\WINDOWS\System32\nbuo\edecjkoj.exe
O4 - HKLM\..\Run: [lscoxog] C:\WINDOWS\System32\ukem\lscoxog.exe
O4 - HKLM\..\Run: [dxunrqp] C:\WINDOWS\System32\ebcugpf\dxunrqp.exe
O4 - HKLM\..\Run: [luhvjtg] C:\WINDOWS\System32\qpkeg\luhvjtg.exe
O4 - HKLM\..\Run: [hpeqo] C:\WINDOWS\System32\yvpv\hpeqo.exe
O4 - HKLM\..\Run: [lihvvjh] C:\WINDOWS\System32\lqycd\lihvvjh.exe
O4 - HKLM\..\Run: [sgvq] C:\WINDOWS\System32\kjapkir\sgvq.exe
O4 - HKLM\..\Run: [xfads] C:\WINDOWS\System32\wthvpx\xfads.exe
O4 - HKLM\..\Run: [tlnmhnc] C:\WINDOWS\System32\sjxrv\tlnmhnc.exe
O4 - HKLM\..\Run: [xgjwfmt] C:\WINDOWS\System32\bafjn\xgjwfmt.exe
O4 - HKLM\..\Run: [gobpsu] C:\WINDOWS\System32\cxqm\gobpsu.exe
O4 - HKLM\..\Run: [jojw] C:\WINDOWS\System32\rteq\jojw.exe
O4 - HKLM\..\Run: [fbfed] C:\WINDOWS\System32\mkktuum\fbfed.exe
O4 - HKLM\..\Run: [fktdya] C:\WINDOWS\System32\yygurocr\fktdya.exe
O4 - HKLM\..\Run: [wgsqgh] C:\WINDOWS\System32\wsvpsgj\wgsqgh.exe
O4 - HKLM\..\Run: [jliawjd] C:\WINDOWS\System32\bfhlhx\jliawjd.exe
O4 - HKLM\..\Run: [tawcjk] C:\WINDOWS\System32\dbwls\tawcjk.exe
O4 - HKLM\..\Run: [lqtucg] C:\WINDOWS\System32\skuek\lqtucg.exe
O4 - HKLM\..\Run: [rattllj] C:\WINDOWS\System32\lbuaa\rattllj.exe
O4 - HKLM\..\Run: [auit] C:\WINDOWS\System32\keyjqsfv\auit.exe
O4 - HKLM\..\Run: [cdlbtxdf] C:\WINDOWS\System32\sxuonkxn\cdlbtxdf.exe
O4 - HKLM\..\Run: [ngakdxv] C:\WINDOWS\System32\wfuk\ngakdxv.exe
O4 - HKLM\..\Run: [pfgfsap] C:\WINDOWS\System32\dtcbodm\pfgfsap.exe
O4 - HKLM\..\Run: [pnfgdvy] C:\WINDOWS\System32\bmxwgk\pnfgdvy.exe
O4 - HKLM\..\Run: [mntfhoj] C:\WINDOWS\System32\fjistp\mntfhoj.exe
O4 - HKLM\..\Run: [uoky] C:\WINDOWS\System32\lsjfltgk\uoky.exe
O4 - HKLM\..\Run: [ktepq] C:\WINDOWS\System32\bumeu\ktepq.exe
O4 - HKLM\..\Run: [mbok] C:\WINDOWS\System32\xcber\mbok.exe
O4 - HKLM\..\Run: [lfcdr] C:\WINDOWS\System32\bfryo\lfcdr.exe
O4 - HKLM\..\Run: [kufeskd] C:\WINDOWS\System32\bhpdqt\kufeskd.exe
O4 - HKLM\..\Run: [xpfgi] C:\WINDOWS\System32\pecpsa\xpfgi.exe
O4 - HKLM\..\Run: [wqpuiui] C:\WINDOWS\System32\ktyrr\wqpuiui.exe
O4 - HKLM\..\Run: [pxso] C:\WINDOWS\System32\kilcbdpy\pxso.exe
O4 - HKLM\..\Run: [hkywnop] C:\WINDOWS\System32\gvtd\hkywnop.exe
O4 - HKLM\..\Run: [aenloen] C:\WINDOWS\System32\hfnydlkd\aenloen.exe
O4 - HKLM\..\Run: [rfdiymkj] C:\WINDOWS\System32\nrevv\rfdiymkj.exe
O4 - HKLM\..\Run: [wufrni] C:\WINDOWS\System32\bdsglann\wufrni.exe
O4 - HKLM\..\Run: [jmnbmb] C:\WINDOWS\System32\ijrnreon\jmnbmb.exe
O4 - HKLM\..\Run: [bqvvcc] C:\WINDOWS\System32\rapjn\bqvvcc.exe
O4 - HKLM\..\Run: [krqfmdyq] C:\WINDOWS\System32\rpixe\krqfmdyq.exe
O4 - HKLM\..\Run: [xpwcifcp] C:\WINDOWS\System32\exttt\xpwcifcp.exe
O4 - HKLM\..\Run: [klabffy] C:\WINDOWS\System32\tqdjqpqw\klabffy.exe
O4 - HKLM\..\Run: [qkhekn] C:\WINDOWS\System32\uaubcsuf\qkhekn.exe
O4 - HKLM\..\Run: [bsdtwuyc] C:\WINDOWS\System32\tjxlelb\bsdtwuyc.exe
O4 - HKLM\..\Run: [rxdcmw] C:\WINDOWS\System32\swibgru\rxdcmw.exe
O4 - HKLM\..\Run: [qdpcycvb] C:\WINDOWS\System32\iere\qdpcycvb.exe
O4 - HKLM\..\Run: [dugo] C:\WINDOWS\System32\uobg\dugo.exe
O4 - HKLM\..\Run: [hnuek] C:\WINDOWS\System32\rqrctrc\hnuek.exe
O4 - HKLM\..\Run: [adajkbw] C:\WINDOWS\System32\ecan\adajkbw.exe
O4 - HKLM\..\Run: [fyuefwc] C:\WINDOWS\System32\wknlv\fyuefwc.exe
O4 - HKLM\..\Run: [qnlqe] C:\WINDOWS\System32\bcijsbe\qnlqe.exe
O4 - HKLM\..\Run: [dmkm] C:\WINDOWS\System32\tfkkhnu\dmkm.exe
O4 - HKLM\..\Run: [qukhopd] C:\WINDOWS\System32\jdkefpy\qukhopd.exe
O4 - HKLM\..\Run: [owbkbuuk] C:\WINDOWS\System32\hsibgne\owbkbuuk.exe
O4 - HKLM\..\Run: [fyusp] C:\WINDOWS\System32\axoolby\fyusp.exe
O4 - HKLM\..\Run: [fvaxmh] C:\WINDOWS\System32\ckdeeebs\fvaxmh.exe
O4 - HKLM\..\Run: [NI.UWFX6_0001_N68M2301] "C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller.exe" -nag
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [vnpgiw] C:\WINDOWS\System32\lxubnh\vnpgiw.exe
O4 - HKLM\..\Run: [jsyjgu] C:\WINDOWS\System32\vpgy\jsyjgu.exe
O4 - HKLM\..\Run: [hlge] C:\WINDOWS\System32\epof\hlge.exe
O4 - HKLM\..\Run: [tujlkwg] C:\WINDOWS\System32\jdsmrhu\tujlkwg.exe
O4 - HKLM\..\Run: [aqpb] C:\WINDOWS\System32\sbqrr\aqpb.exe
O4 - HKLM\..\Run: [npqvuf] C:\WINDOWS\System32\kjqix\npqvuf.exe
O4 - HKLM\..\Run: [jteey] C:\WINDOWS\System32\yjpim\jteey.exe
O4 - HKLM\..\Run: [toebkalo] C:\WINDOWS\System32\bein\toebkalo.exe
O4 - HKLM\..\Run: [udbu] C:\WINDOWS\System32\ytkai\udbu.exe
O4 - HKLM\..\Run: [ylbj] C:\WINDOWS\System32\almo\ylbj.exe
O4 - HKLM\..\Run: [iaes] C:\WINDOWS\System32\ktyty\iaes.exe
O4 - HKLM\..\Run: [rhbrqbc] C:\WINDOWS\System32\cynkxm\rhbrqbc.exe
O4 - HKLM\..\Run: [njuhcqy] C:\WINDOWS\System32\wfwqme\njuhcqy.exe
O4 - HKLM\..\Run: [frytrsyy] C:\WINDOWS\System32\dwnlgold\frytrsyy.exe
O4 - HKLM\..\Run: [bsvy] C:\WINDOWS\System32\vsydemu\bsvy.exe
O4 - HKLM\..\Run: [vefw] C:\WINDOWS\System32\rumgi\vefw.exe
O4 - HKLM\..\Run: [uhye] C:\WINDOWS\System32\dcoavh\uhye.exe
O4 - HKLM\..\Run: [hnyeb] C:\WINDOWS\System32\ogef\hnyeb.exe
O4 - HKLM\..\Run: [xbajkobs] C:\WINDOWS\System32\lpsufgx\xbajkobs.exe
O4 - HKLM\..\Run: [tvkg] C:\WINDOWS\System32\ykypp\tvkg.exe
O4 - HKLM\..\Run: [nakf] C:\WINDOWS\System32\naxrjsgk\nakf.exe
O4 - HKLM\..\Run: [hbrqvo] C:\WINDOWS\System32\jrcy\hbrqvo.exe
O4 - HKLM\..\Run: [xojddul] C:\WINDOWS\System32\jgvnsdti\xojddul.exe
O4 - HKLM\..\Run: [sikuiyb] C:\WINDOWS\System32\oomjrte\sikuiyb.exe
O4 - HKLM\..\Run: [oluhc] C:\WINDOWS\System32\bmjk\oluhc.exe
O4 - HKLM\..\Run: [klesuwt] C:\WINDOWS\System32\rtjbrdwb\klesuwt.exe
O4 - HKLM\..\Run: [jyhr] C:\WINDOWS\System32\ssej\jyhr.exe
O4 - HKLM\..\Run: [hxfrljvu] C:\WINDOWS\System32\fddw\hxfrljvu.exe
O4 - HKLM\..\Run: [eaxvbx] C:\WINDOWS\System32\txkumd\eaxvbx.exe
O4 - HKLM\..\Run: [rhoyqgi] C:\WINDOWS\System32\topteyx\rhoyqgi.exe
O4 - HKLM\..\Run: [yjhg] C:\WINDOWS\System32\yeiy\yjhg.exe
O4 - HKLM\..\Run: [uyghrac] C:\WINDOWS\System32\rjenws\uyghrac.exe
O4 - HKLM\..\Run: [xeoc] C:\WINDOWS\System32\bmtbf\xeoc.exe
O4 - HKLM\..\Run: [grmmbts] C:\WINDOWS\System32\bkkbmhqy\grmmbts.exe
O4 - HKLM\..\Run: [erowp] C:\WINDOWS\System32\gyhe\erowp.exe
O4 - HKLM\..\Run: [oiqlfjqf] C:\WINDOWS\System32\tfrqxjou\oiqlfjqf.exe
O4 - HKLM\..\Run: [gyjvy] C:\WINDOWS\System32\yasabv\gyjvy.exe
O4 - HKLM\..\Run: [nkxeg] C:\WINDOWS\System32\yldoxpe\nkxeg.exe
O4 - HKLM\..\Run: [pfre] C:\WINDOWS\System32\pmlmjobm\pfre.exe
O4 - HKLM\..\Run: [chovumj] C:\WINDOWS\System32\sijao\chovumj.exe
O4 - HKLM\..\Run: [cmgyv] C:\WINDOWS\System32\pmkdb\cmgyv.exe
O4 - HKLM\..\Run: [lrvgtso] C:\WINDOWS\System32\gdukikk\lrvgtso.exe
O4 - HKLM\..\Run: [drhy] C:\WINDOWS\System32\eubrlcjr\drhy.exe
O4 - HKLM\..\Run: [igtk] C:\WINDOWS\System32\ctytarr\igtk.exe
O4 - HKLM\..\Run: [evofcqjc] C:\WINDOWS\System32\vuqjmgt\evofcqjc.exe
O4 - HKLM\..\Run: [tqieq] C:\WINDOWS\System32\ehwfntch\tqieq.exe
O4 - HKLM\..\Run: [rknbxqrf] C:\WINDOWS\System32\wxglwmb\rknbxqrf.exe
O4 - HKLM\..\Run: [cewiw] C:\WINDOWS\System32\jfnonr\cewiw.exe
O4 - HKLM\..\Run: [nsnel] C:\WINDOWS\System32\tuphw\nsnel.exe
O4 - HKLM\..\Run: [ebwknq] C:\WINDOWS\System32\hfgukg\ebwknq.exe
O4 - HKLM\..\Run: [lblggy] C:\WINDOWS\System32\jsymflg\lblggy.exe
O4 - HKLM\..\Run: [xgqxjayd] C:\WINDOWS\System32\qwooeqx\xgqxjayd.exe
O4 - HKLM\..\Run: [jwxexbfb] C:\WINDOWS\System32\vylg\jwxexbfb.exe
O4 - HKLM\..\Run: [hrbupnuo] C:\WINDOWS\System32\tfnujd\hrbupnuo.exe
O4 - HKLM\..\Run: [hitiponr] C:\WINDOWS\System32\dteg\hitiponr.exe
O4 - HKLM\..\Run: [wfxbq] C:\WINDOWS\System32\usptamp\wfxbq.exe
O4 - HKLM\..\Run: [onlf] C:\WINDOWS\System32\emwbw\onlf.exe
O4 - HKLM\..\Run: [pjnpqpag] C:\WINDOWS\System32\dnlniej\pjnpqpag.exe
O4 - HKLM\..\Run: [oxdl] C:\WINDOWS\System32\fgmicmk\oxdl.exe
O4 - HKLM\..\Run: [qxlyip] C:\WINDOWS\System32\dkiq\qxlyip.exe
O4 - HKLM\..\Run: [kfaalr] C:\WINDOWS\System32\aecvxtnj\kfaalr.exe
O4 - HKLM\..\Run: [sarokk] C:\WINDOWS\System32\tilu\sarokk.exe
O4 - HKLM\..\Run: [yppoud] C:\WINDOWS\System32\cnlhjh\yppoud.exe
O4 - HKLM\..\Run: [ijxvki] C:\WINDOWS\System32\xhhevxsx\ijxvki.exe
O4 - HKLM\..\Run: [jufa] C:\WINDOWS\System32\cryv\jufa.exe
O4 - HKLM\..\Run: [mjrgsjo] C:\WINDOWS\System32\wyxkboyg\mjrgsjo.exe
O4 - HKLM\..\Run: [kallxig] C:\WINDOWS\System32\breiclle\kallxig.exe
O4 - HKLM\..\Run: [ifilnqdk] C:\WINDOWS\System32\olhova\ifilnqdk.exe
O4 - HKLM\..\Run: [pdirwge] C:\WINDOWS\System32\qvlrfu\pdirwge.exe
O4 - HKLM\..\Run: [orfrmt] C:\WINDOWS\System32\pdii\orfrmt.exe
O4 - HKLM\..\Run: [plwsplbo] C:\WINDOWS\System32\ycphs\plwsplbo.exe
O4 - HKLM\..\Run: [jmlriwcv] C:\WINDOWS\System32\ntgfo\jmlriwcv.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0a\aoltray.exe
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: *.crosskirknet.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.filesharingaccess.com (HKLM)
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: *.gimmysmileys.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.kabum.pl (HKLM)
O15 - Trusted Zone: *.kazaa-forum.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O15 - Trusted Zone: *.traffic-stats.org (HKLM)
O15 - Trusted Zone: *.winantivirus.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.pbcprc.com/CFIDE/classes/CFJava.cab
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nenenc.mht!http://crosskirknet.com/script/cnet.chm::/cnet.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.sharewareonline.com/...er/Install.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_mp3.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://lovefreegames.aavalue.com/LFG...FG-toolbar.cab
O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} (IObjSafety.DemoCtl) - ms-its:mhtml:file://c:\nenenm.mht!http://crosskirknet.com/script/mma.chm::/alien.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zang...ridge-c139.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - http://start1.aaa1screensavers.com/10078.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - ms-its:mhtml:file://c:\nenent.mht!http://crosskirknet.com/script/mta.c...sInstaller.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - ms-its:mhtml:file://c:\nenenw.mht!http://crosskirknet.com/script/winfi...reeInstall.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.31/ttinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O16 - DPF: {EB6AFDAB-E16D-430B-A5EE-0408A12289DC} - http://download.mediacharger.com/movienetworks.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C7A1227-FF2A-4F4C-9D89-B27BCD830995}: NameServer = 205.188.146.145
O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\Program Files\Qlinks\qlink32.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: aqpbsbqrr - Unknown owner - C:\WINDOWS\System32\sbqrr\aqpb.exe
O23 - Service: bqvvccrapjn - Unknown owner - C:\WINDOWS\System32\rapjn\bqvvcc.exe
O23 - Service: DefWatch - Unknown owner - C:\Program Files\NavNT\defwatch.exe (file missing)
O23 - Service: fyuspaxoolby - Unknown owner - C:\WINDOWS\System32\axoolby\fyusp.exe
O23 - Service: hnyebogef - Unknown owner - C:\WINDOWS\System32\ogef\hnyeb.exe
O23 - Service: jyhrssej - Unknown owner - C:\WINDOWS\System32\ssej\jyhr.exe
O23 - Service: krqfmdyqrpixe - Unknown owner - C:\WINDOWS\System32\rpixe\krqfmdyq.exe
O23 - Service: lacjwxgxvgtxci - Unknown owner - C:\WINDOWS\System32\xvgtxci\lacjwxg.exe
O23 - Service: luhvjtgqpkeg - Unknown owner - C:\WINDOWS\System32\qpkeg\luhvjtg.exe
O23 - Service: pnfgdvybmxwgk - Unknown owner - C:\WINDOWS\System32\bmxwgk\pnfgdvy.exe
O23 - Service: qukhopdjdkefpy - Unknown owner - C:\WINDOWS\System32\jdkefpy\qukhopd.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: ursmxhhlvmev - Unknown owner - C:\WINDOWS\System32\xhhlvmev\ursm.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Winkeri - Unknown owner - C:\WINDOWS\System32\Winkeri.exe
O23 - Service: xgjwfmtbafjn - Unknown owner - C:\WINDOWS\System32\bafjn\xgjwfmt.exe
O23 - Service: yppoudcnlhjh - Unknown owner - C:\WINDOWS\System32\cnlhjh\yppoud.exe
|
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Help..pop up and audio weirdness
- Next Thread: http:///?%20 in IE Address Bar
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit facebook fake fancheckvirus gaming gumblar halloween herss.exe hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec trojan unwanted update usa virus viruses vista war warning windows worm yahoo zeroday
