Tech Support Guy banner
Cancel
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice

Virus Issues

830 Views 6 Replies 2 Participants Last post by  Fallen001
F
HELLO I NEED HELP

HIJACK THIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:46:59 PM, on 10/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\WinAntiSpyware 2007\was7.exe
C:\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe
C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe
C:\Program Files\Common Files\Update\dnse.exe
C:\Program Files\DellSupport\DSAgnt.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kaylee King\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINDOWS\system32\llufenga.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [WinAntiSpyware 2007 Free] "C:\Program Files\WinAntiSpyware 2007\was7.exe" /min
O4 - HKLM\..\Run: [uwas7cw] "C:\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe" -c
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"
O4 - HKLM\..\Run: [dnse] "C:\Program Files\Common Files\Update\dnse.exe" -c -product=was
O4 - HKLM\..\RunOnce: [VcClnUp.exe] C:\DOCUME~1\KAYLEE~1\LOCALS~1\Temp\VcClnUp0.exe -F C:\PROGRA~1\COMMON~1\SYMANT~1\LiveReg /RemoveAll
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://littlelolliepop.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O20 - Winlogon Notify: xxyawvv - xxyawvv.dll (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe

--
End of file - 9587 bytes

Thanks
See less See more
Save
Like
Status
Not open for further replies.
1 - 7 of 7 Posts
M
NOTE: If you have downloaded ComboFix previously please delete that version and download it again!

Download this file :

http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
or
http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJack log in your next reply

Note:
Do not mouseclick combofix's window while its running. That may cause it to stall

=====================
Download Superantispyware (SAS) free home version

http://www.superantispyware.com/superantispywarefreevspro.html

Install it and double-click the icon on your desktop to run it.
· It will ask if you want to update the program definitions, click Yes.
· Under Configuration and Preferences, click the Preferences button.
· Click the Scanning Control tab.
· Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
· On the main screen, under Scan for Harmful Software click Scan your computer.
· On the left check C:\Fixed Drive.
· On the right, under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan. Please be patient while it scans your computer.
· After the scan is complete a summary box will appear. Click OK.
· Make sure everything in the white box has a check next to it, then click Next.
· It will quarantine what it found and if it asks if you want to reboot, click Yes.
· To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
· Click close and close again to exit the program.
· Please paste that information here for me regardless of what it finds with a new HijackThis log.

This will take some time!!!!!!!!
See less See more
Save
Like
F
COMBOFIX LOG...

ComboFix [email protected] - home 2007-10-18 20:48:22.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.182 [GMT -5:00]
Running from: C:\Documents and Settings\home\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\check_LSA7.txt
C:\Documents and Settings\All Users\Application Data.\salesmonitor
C:\Documents and Settings\All Users\Application Data.\winantispyware 2007
C:\Documents and Settings\All Users\Application Data.\winantispyware 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data.\winantispyware 2007\Data\ProductCode
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\ProductCode
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\ProductCode
C:\Documents and Settings\home\Application Data\WinAntiSpyware 2007
C:\Documents and Settings\home\Application Data\WinAntiSpyware 2007\Logs\update.log
C:\Documents and Settings\home\Application Data\WinAntiSpyware 2007\Logs\update.log
C:\Documents and Settings\kaylee\Application Data\WinAntiSpyware 2007
C:\Documents and Settings\kaylee\Application Data\WinAntiSpyware 2007\Logs\update.log
C:\Documents and Settings\kaylee\Application Data\WinAntiSpyware 2007\Logs\update.log
C:\Documents and Settings\kaylee\err.log
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\Program Files\Common Files\WinAntiSpyware 2007\err.log
C:\Program Files\Common Files\winantispyware 2007\uwas7cw.exe
C:\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe
C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe
C:\Program Files\Common Files\winantispyware 2007\WAS7Mon.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\cdeeg.bak1
C:\WINDOWS\system32\cdeeg.bak2
C:\WINDOWS\system32\cdeeg.ini
C:\WINDOWS\system32\cdeeg.tmp
C:\WINDOWS\system32\drivers\fopn.sys
C:\WINDOWS\system32\llufenga.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_FOPN
-------\ApiMon

((((((((((((((((((((((((( Files Created from 2007-09-19 to 2007-10-19 )))))))))))))))))))))))))))))))
.

2007-10-18 20:47 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-18 20:13 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-10-18 20:12 d-------- C:\Program Files\SUPERAntiSpyware
2007-10-18 20:12 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-18 20:12 d-------- C:\Documents and Settings\home\Application Data\SUPERAntiSpyware.com
2007-10-09 20:04 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-08 19:22 d-------- C:\Documents and Settings\kaylee\Application Data\acccore
2007-10-08 19:10 d-------- C:\Program Files\AIM6
2007-10-08 19:07 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-10-05 15:11 118,784 --a------ C:\WINDOWS\system32\KPDRES.dll
2007-10-05 15:11 40,960 --a------ C:\WINDOWS\system32\KPDLM.dll
2007-09-23 21:17 d--h----- C:\WINDOWS\PIF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-19 01:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-19 01:10 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2007-10-19 01:09 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2007-10-19 01:02 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-10-19 00:58 --------- d-----w C:\Program Files\Dell
2007-10-19 00:57 --------- d-----w C:\Program Files\Common Files\Corel
2007-10-19 00:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-10-19 00:37 --------- d-----w C:\Program Files\Common Files\AOL
2007-10-19 00:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-10-18 00:10 --------- d-----w C:\Documents and Settings\home\Application Data\SiteAdvisor
2007-10-12 00:04 --------- d-----w C:\Documents and Settings\kaylee\Application Data\SiteAdvisor
2007-10-08 20:08 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2007-10-08 20:08 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2007-10-08 20:08 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2007-10-06 20:46 --------- d--h--w C:\Documents and Settings\kaylee\Application Data\Move Networks
2007-09-30 21:17 --------- d-----w C:\Program Files\McAfee
2007-09-30 17:41 --------- d-----w C:\Program Files\SiteAdvisor
2007-09-06 21:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2007-08-22 03:26 --------- d-----w C:\Documents and Settings\kaylee\Application Data\Corel Photo Album
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-14 20:49]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-14 20:46]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-10-14 20:50]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 10:44]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 10:44]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [2005-08-12 16:16]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 05:20]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-09-26 10:26]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-21 11:10]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2005-09-08 19:20]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [2007-04-10 13:35]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"DMX"="C:\Program Files\Dell\Media Experience\DMX.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-11-04 16:04:48]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyawvv]
xxyawvv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

.
Contents of the 'Scheduled Tasks' folder
"2007-07-07 23:04:32 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
"2007-07-07 23:04:31 C:\WINDOWS\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-18 20:54:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-18 20:55:51 - machine was rebooted
.
--- E O F ---
See less See more
Save
Like
F
SUPANTISPYWARE LOG...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/18/2007 at 09:45 PM

Application Version : 3.9.1008

Core Rules Database Version : 3327
Trace Rules Database Version: 1328

Scan type : Complete Scan
Total Scan Time : 00:44:08

Memory items scanned : 412
Memory threats detected : 0
Registry items scanned : 5131
Registry threats detected : 0
File items scanned : 43696
File threats detected : 385

Adware.Tracking Cookie
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][3].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][3].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][3].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][3].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][3].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][1].txt
C:\Documents and Settings\home\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][5].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][6].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][4].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][4].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][5].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected]sales.liveperson[1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected]screensavers[2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected]server.iad.liveperson[1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][10].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][11].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][12].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][13].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][14].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][15].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][16].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][17].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][18].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][19].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][20].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][22].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][3].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][4].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][5].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][6].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][7].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][8].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][9].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][2].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt
C:\Documents and Settings\kaylee\Cookies\[email protected][1].txt

Trojan.WinAntiSpyware 2007
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\COMMON FILES\WINANTISPYWARE 2007\WAS7MON.EXE.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP138\A0055343.SYS
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP138\A0055351.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0056604.EXE

Trojan.WinAntiSpyware/WinAntiVirus 2006
C:\RECYCLER\S-1-5-21-2688665882-4258818386-2955159193-1007\DC1027.EXE

Trojan.Downloader-Stera/WinSoftware
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP138\A0055344.EXE

Malware.DriveCleaner
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0056470.EXE
See less See more
Save
Like
F
HIJACKTHIS LOG.....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:58:46 PM, on 10/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Documents and Settings\home\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DMX] C:\Program Files\Dell\Media Experience\DMX.exe -sys
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJxdm028LSUS
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://littlelolliepop.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: xxyawvv - xxyawvv.dll (file missing)
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe

--
End of file - 8184 bytes
See less See more
Save
Like
M
Fix these with HiJackThis – mark them, close IE, click fix checked

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZJxdm028LSUS

O20 - Winlogon Notify: xxyawvv - xxyawvv.dll (file missing)

START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

Not all temp files will delete and that is normal
Empty the recycle bin
Boot and post a new hijack log from normal NOT safe mode

How are things on the PC???????????
See less See more
Save
Like
F
Sorry I havent posted in awhile

Been busy!!

Here is is....All things are running much better!!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:47:14 PM, on 11/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\home\Desktop\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\HPZipm12.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKCU\..\Run: [DMX] C:\Program Files\Dell\Media Experience\DMX.exe -sys
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://littlelolliepop.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 5529 bytes
See less See more
Save
Like
1 - 7 of 7 Posts
Status
Not open for further replies.
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Hardware Virus & Other Malware Removal Off Topic Lounge Thread Games & Discussion Networking
Top