Custom Search
Join the PC homebuilding revolution! Read the all-new, FREE 200-page online guide: How to Build Your Own PC!
NOTE: Using robot software to mass-download the site degrades the server and is prohibited. See here for more.
Find The PC Guide helpful? Please consider a donation to The PC Guide Tip Jar. Visa/MC/Paypal accepted.
Results 1 to 22 of 22

Thread: Services and Controller App has encountered a problem...

  1. #1

    Services and Controller App has encountered a problem...

    Help please!

    This message box keeps popping up:


    "Services and Controller App has encountered a problem and needs to close. We are sorry for the inconvenience.
    If you were in the middle of something the information you were working on might be lost.

    For more information about this error, click here. Close"

    When I click on more info:

    "Generic Host Process for Win32 Services Error Signature
    szAppName: scvhost.exe szAppVer: 5.1.2600.0 szModName:unknown
    szModVer: 0.0.0.0 offset 00000000

    The following files will be included in the report

    C:\DOCUME~1\Mondie\LOCALS~1\Temp\WER484.tmp.dir00\ svchost.exe.mdmp
    C:\DOCUME~1\Mondie\LOCALS~1\Temp\WER484.tmp.dir00\ appcomat.txt"

    thanks!

  2. #2

    I did a HijackThis:





    Logfile of HijackThis v1.99.1
    Scan saved at 7:25:33 AM, on 10/29/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
    C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\PROGRA~1\McAfee\MSC\mctskshd.exe
    C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
    C:\WINDOWS\System32\hphmon05.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 2.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\Microsoft Money\System\mnyexpr.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\WINDOWS\9129837.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
    C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\mcafee\msc\mcupdui.exe
    C:\WINDOWS\System32\dwwin.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://encarta.msn.com/teleport/acti...p?pid=51957HP1
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

  3. #3
    O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe
    O4 - HKCU\..\Run: [158031.exe] C:\WINDOWS\158031.exe
    O4 - HKCU\..\Run: [561296.exe] C:\WINDOWS\561296.exe
    O4 - HKCU\..\Run: [961656.exe] C:\WINDOWS\961656.exe
    O4 - HKCU\..\Run: [1362453.exe] C:\WINDOWS\1362453.exe
    O4 - HKCU\..\Run: [1763000.exe] C:\WINDOWS\1763000.exe
    O4 - HKCU\..\Run: [2163703.exe] C:\WINDOWS\2163703.exe
    O4 - HKCU\..\Run: [2565125.exe] C:\WINDOWS\2565125.exe
    O4 - HKCU\..\Run: [2969015.exe] C:\WINDOWS\2969015.exe
    O4 - HKCU\..\Run: [3369828.exe] C:\WINDOWS\3369828.exe
    O4 - HKCU\..\Run: [3770281.exe] C:\WINDOWS\3770281.exe
    O4 - HKCU\..\Run: [4171437.exe] C:\WINDOWS\4171437.exe
    O4 - HKCU\..\Run: [4571859.exe] C:\WINDOWS\4571859.exe
    O4 - HKCU\..\Run: [4972359.exe] C:\WINDOWS\4972359.exe
    O4 - HKCU\..\Run: [5372718.exe] C:\WINDOWS\5372718.exe
    O4 - HKCU\..\Run: [5773218.exe] C:\WINDOWS\5773218.exe
    O4 - HKCU\..\Run: [6173937.exe] C:\WINDOWS\6173937.exe
    O4 - HKCU\..\Run: [6574625.exe] C:\WINDOWS\6574625.exe
    O4 - HKCU\..\Run: [6975781.exe] C:\WINDOWS\6975781.exe
    O4 - HKCU\..\Run: [7376218.exe] C:\WINDOWS\7376218.exe
    O4 - HKCU\..\Run: [7776984.exe] C:\WINDOWS\7776984.exe
    O4 - HKCU\..\Run: [9570906.exe] C:\WINDOWS\9570906.exe
    O4 - HKCU\..\Run: [9974406.exe] C:\WINDOWS\9974406.exe
    O4 - HKCU\..\Run: [10375171.exe] C:\WINDOWS\10375171.exe
    O4 - HKCU\..\Run: [10776109.exe] C:\WINDOWS\10776109.exe
    O4 - HKCU\..\Run: [11176640.exe] C:\WINDOWS\11176640.exe
    O4 - HKCU\..\Run: [11577687.exe] C:\WINDOWS\11577687.exe
    O4 - HKCU\..\Run: [11978093.exe] C:\WINDOWS\11978093.exe
    O4 - HKCU\..\Run: [18813281.exe] C:\WINDOWS\18813281.exe
    O4 - HKCU\..\Run: [19213750.exe] C:\WINDOWS\19213750.exe
    O4 - HKCU\..\Run: [19614171.exe] C:\WINDOWS\19614171.exe
    O4 - HKCU\..\Run: [20014734.exe] C:\WINDOWS\20014734.exe
    O4 - HKCU\..\Run: [20415546.exe] C:\WINDOWS\20415546.exe
    O4 - HKCU\..\Run: [74984312.exe] C:\WINDOWS\74984312.exe
    O4 - HKCU\..\Run: [75385953.exe] C:\WINDOWS\75385953.exe
    O4 - HKCU\..\Run: [75787031.exe] C:\WINDOWS\75787031.exe
    O4 - HKCU\..\Run: [76187890.exe] C:\WINDOWS\76187890.exe
    O4 - HKCU\..\Run: [76590468.exe] C:\WINDOWS\76590468.exe
    O4 - HKCU\..\Run: [76992546.exe] C:\WINDOWS\76992546.exe
    O4 - HKCU\..\Run: [77394156.exe] C:\WINDOWS\77394156.exe
    O4 - HKCU\..\Run: [77795953.exe] C:\WINDOWS\77795953.exe
    O4 - HKCU\..\Run: [78196718.exe] C:\WINDOWS\78196718.exe
    O4 - HKCU\..\Run: [78597453.exe] C:\WINDOWS\78597453.exe
    O4 - HKCU\..\Run: [78999625.exe] C:\WINDOWS\78999625.exe
    O4 - HKCU\..\Run: [79401156.exe] C:\WINDOWS\79401156.exe
    O4 - HKCU\..\Run: [79802187.exe] C:\WINDOWS\79802187.exe
    O4 - HKCU\..\Run: [80204703.exe] C:\WINDOWS\80204703.exe
    O4 - HKCU\..\Run: [80605656.exe] C:\WINDOWS\80605656.exe
    O4 - HKCU\..\Run: [81006656.exe] C:\WINDOWS\81006656.exe
    O4 - HKCU\..\Run: [86334953.exe] C:\WINDOWS\86334953.exe
    O4 - HKCU\..\Run: [86735906.exe] C:\WINDOWS\86735906.exe
    O4 - HKCU\..\Run: [87136968.exe] C:\WINDOWS\87136968.exe
    O4 - HKCU\..\Run: [87537640.exe] C:\WINDOWS\87537640.exe
    O4 - HKCU\..\Run: [87939593.exe] C:\WINDOWS\87939593.exe
    O4 - HKCU\..\Run: [88340234.exe] C:\WINDOWS\88340234.exe
    O4 - HKCU\..\Run: [88740812.exe] C:\WINDOWS\88740812.exe
    O4 - HKCU\..\Run: [89141718.exe] C:\WINDOWS\89141718.exe
    O4 - HKCU\..\Run: [89542484.exe] C:\WINDOWS\89542484.exe
    O4 - HKCU\..\Run: [89943531.exe] C:\WINDOWS\89943531.exe
    O4 - HKCU\..\Run: [90344515.exe] C:\WINDOWS\90344515.exe
    O4 - HKCU\..\Run: [90745140.exe] C:\WINDOWS\90745140.exe
    O4 - HKCU\..\Run: [91146718.exe] C:\WINDOWS\91146718.exe
    O4 - HKCU\..\Run: [91547296.exe] C:\WINDOWS\91547296.exe
    O4 - HKCU\..\Run: [91948171.exe] C:\WINDOWS\91948171.exe
    O4 - HKCU\..\Run: [92348796.exe] C:\WINDOWS\92348796.exe
    O4 - HKCU\..\Run: [92752656.exe] C:\WINDOWS\92752656.exe
    O4 - HKCU\..\Run: [93153625.exe] C:\WINDOWS\93153625.exe
    O4 - HKCU\..\Run: [93554828.exe] C:\WINDOWS\93554828.exe
    O4 - HKCU\..\Run: [93955875.exe] C:\WINDOWS\93955875.exe
    O4 - HKCU\..\Run: [94357187.exe] C:\WINDOWS\94357187.exe
    O4 - HKCU\..\Run: [94757781.exe] C:\WINDOWS\94757781.exe
    O4 - HKCU\..\Run: [95158703.exe] C:\WINDOWS\95158703.exe
    O4 - HKCU\..\Run: [95559281.exe] C:\WINDOWS\95559281.exe
    O4 - HKCU\..\Run: [95959890.exe] C:\WINDOWS\95959890.exe
    O4 - HKCU\..\Run: [96360765.exe] C:\WINDOWS\96360765.exe
    O4 - HKCU\..\Run: [96761296.exe] C:\WINDOWS\96761296.exe
    O4 - HKCU\..\Run: [97161890.exe] C:\WINDOWS\97161890.exe
    O4 - HKCU\..\Run: [97562468.exe] C:\WINDOWS\97562468.exe
    O4 - HKCU\..\Run: [97963078.exe] C:\WINDOWS\97963078.exe
    O4 - HKCU\..\Run: [98363968.exe] C:\WINDOWS\98363968.exe
    O4 - HKCU\..\Run: [98764625.exe] C:\WINDOWS\98764625.exe
    O4 - HKCU\..\Run: [99165875.exe] C:\WINDOWS\99165875.exe
    O4 - HKCU\..\Run: [99566500.exe] C:\WINDOWS\99566500.exe
    O4 - HKCU\..\Run: [99967312.exe] C:\WINDOWS\99967312.exe
    O4 - HKCU\..\Run: [100367937.exe] C:\WINDOWS\100367937.exe
    O4 - HKCU\..\Run: [100768562.exe] C:\WINDOWS\100768562.exe
    O4 - HKCU\..\Run: [101169187.exe] C:\WINDOWS\101169187.exe
    O4 - HKCU\..\Run: [101569781.exe] C:\WINDOWS\101569781.exe
    O4 - HKCU\..\Run: [101970781.exe] C:\WINDOWS\101970781.exe
    O4 - HKCU\..\Run: [102372312.exe] C:\WINDOWS\102372312.exe
    O4 - HKCU\..\Run: [102774984.exe] C:\WINDOWS\102774984.exe
    O4 - HKCU\..\Run: [103175906.exe] C:\WINDOWS\103175906.exe
    O4 - HKCU\..\Run: [103576859.exe] C:\WINDOWS\103576859.exe
    O4 - HKCU\..\Run: [103977796.exe] C:\WINDOWS\103977796.exe
    O4 - HKCU\..\Run: [104378703.exe] C:\WINDOWS\104378703.exe
    O4 - HKCU\..\Run: [104779203.exe] C:\WINDOWS\104779203.exe
    O4 - HKCU\..\Run: [105179734.exe] C:\WINDOWS\105179734.exe
    O4 - HKCU\..\Run: [105580359.exe] C:\WINDOWS\105580359.exe
    O4 - HKCU\..\Run: [105981187.exe] C:\WINDOWS\105981187.exe
    O4 - HKCU\..\Run: [106382093.exe] C:\WINDOWS\106382093.exe
    O4 - HKCU\..\Run: [106782640.exe] C:\WINDOWS\106782640.exe
    O4 - HKCU\..\Run: [107183453.exe] C:\WINDOWS\107183453.exe
    O4 - HKCU\..\Run: [107583968.exe] C:\WINDOWS\107583968.exe
    O4 - HKCU\..\Run: [107984750.exe] C:\WINDOWS\107984750.exe
    O4 - HKCU\..\Run: [108385625.exe] C:\WINDOWS\108385625.exe
    O4 - HKCU\..\Run: [108786125.exe] C:\WINDOWS\108786125.exe
    O4 - HKCU\..\Run: [109186437.exe] C:\WINDOWS\109186437.exe
    O4 - HKCU\..\Run: [109587046.exe] C:\WINDOWS\109587046.exe
    O4 - HKCU\..\Run: [109987578.exe] C:\WINDOWS\109987578.exe
    O4 - HKCU\..\Run: [110388515.exe] C:\WINDOWS\110388515.exe
    O4 - HKCU\..\Run: [110789078.exe] C:\WINDOWS\110789078.exe
    O4 - HKCU\..\Run: [111190062.exe] C:\WINDOWS\111190062.exe
    O4 - HKCU\..\Run: [111590734.exe] C:\WINDOWS\111590734.exe
    O4 - HKCU\..\Run: [111991421.exe] C:\WINDOWS\111991421.exe
    O4 - HKCU\..\Run: [112394125.exe] C:\WINDOWS\112394125.exe

  4. #4
    O4 - HKCU\..\Run: [149421.exe] C:\WINDOWS\149421.exe
    O4 - HKCU\..\Run: [551968.exe] C:\WINDOWS\551968.exe
    O4 - HKCU\..\Run: [953468.exe] C:\WINDOWS\953468.exe
    O4 - HKCU\..\Run: [1353937.exe] C:\WINDOWS\1353937.exe
    O4 - HKCU\..\Run: [20927718.exe] C:\WINDOWS\20927718.exe
    O4 - HKCU\..\Run: [21328828.exe] C:\WINDOWS\21328828.exe
    O4 - HKCU\..\Run: [21730375.exe] C:\WINDOWS\21730375.exe
    O4 - HKCU\..\Run: [22130968.exe] C:\WINDOWS\22130968.exe
    O4 - HKCU\..\Run: [22531515.exe] C:\WINDOWS\22531515.exe
    O4 - HKCU\..\Run: [22932703.exe] C:\WINDOWS\22932703.exe
    O4 - HKCU\..\Run: [23333656.exe] C:\WINDOWS\23333656.exe
    O4 - HKCU\..\Run: [23734187.exe] C:\WINDOWS\23734187.exe
    O4 - HKCU\..\Run: [24135015.exe] C:\WINDOWS\24135015.exe
    O4 - HKCU\..\Run: [24535843.exe] C:\WINDOWS\24535843.exe
    O4 - HKCU\..\Run: [24936734.exe] C:\WINDOWS\24936734.exe
    O4 - HKCU\..\Run: [29256625.exe] C:\WINDOWS\29256625.exe
    O4 - HKCU\..\Run: [29658046.exe] C:\WINDOWS\29658046.exe
    O4 - HKCU\..\Run: [30058703.exe] C:\WINDOWS\30058703.exe
    O4 - HKCU\..\Run: [30459531.exe] C:\WINDOWS\30459531.exe
    O4 - HKCU\..\Run: [30860390.exe] C:\WINDOWS\30860390.exe
    O4 - HKCU\..\Run: [31260890.exe] C:\WINDOWS\31260890.exe
    O4 - HKCU\..\Run: [31661609.exe] C:\WINDOWS\31661609.exe
    O4 - HKCU\..\Run: [34603046.exe] C:\WINDOWS\34603046.exe
    O4 - HKCU\..\Run: [35003718.exe] C:\WINDOWS\35003718.exe
    O4 - HKCU\..\Run: [35404265.exe] C:\WINDOWS\35404265.exe
    O4 - HKCU\..\Run: [35805109.exe] C:\WINDOWS\35805109.exe
    O4 - HKCU\..\Run: [36205625.exe] C:\WINDOWS\36205625.exe
    O4 - HKCU\..\Run: [36605937.exe] C:\WINDOWS\36605937.exe
    O4 - HKCU\..\Run: [37006328.exe] C:\WINDOWS\37006328.exe
    O4 - HKCU\..\Run: [174046.exe] C:\WINDOWS\174046.exe
    O4 - HKCU\..\Run: [576359.exe] C:\WINDOWS\576359.exe
    O4 - HKCU\..\Run: [977093.exe] C:\WINDOWS\977093.exe
    O4 - HKCU\..\Run: [1377375.exe] C:\WINDOWS\1377375.exe
    O4 - HKCU\..\Run: [1777859.exe] C:\WINDOWS\1777859.exe
    O4 - HKCU\..\Run: [2178765.exe] C:\WINDOWS\2178765.exe
    O4 - HKCU\..\Run: [2579015.exe] C:\WINDOWS\2579015.exe
    O4 - HKCU\..\Run: [2979828.exe] C:\WINDOWS\2979828.exe
    O4 - HKCU\..\Run: [3380453.exe] C:\WINDOWS\3380453.exe
    O4 - HKCU\..\Run: [3780734.exe] C:\WINDOWS\3780734.exe
    O4 - HKCU\..\Run: [4181031.exe] C:\WINDOWS\4181031.exe
    O4 - HKCU\..\Run: [4581468.exe] C:\WINDOWS\4581468.exe
    O4 - HKCU\..\Run: [4981640.exe] C:\WINDOWS\4981640.exe
    O4 - HKCU\..\Run: [5382453.exe] C:\WINDOWS\5382453.exe
    O4 - HKCU\..\Run: [5782828.exe] C:\WINDOWS\5782828.exe
    O4 - HKCU\..\Run: [6183156.exe] C:\WINDOWS\6183156.exe
    O4 - HKCU\..\Run: [6583687.exe] C:\WINDOWS\6583687.exe
    O4 - HKCU\..\Run: [6984140.exe] C:\WINDOWS\6984140.exe
    O4 - HKCU\..\Run: [7384468.exe] C:\WINDOWS\7384468.exe
    O4 - HKCU\..\Run: [7785125.exe] C:\WINDOWS\7785125.exe
    O4 - HKCU\..\Run: [8185828.exe] C:\WINDOWS\8185828.exe
    O4 - HKCU\..\Run: [8586343.exe] C:\WINDOWS\8586343.exe
    O4 - HKCU\..\Run: [8986687.exe] C:\WINDOWS\8986687.exe
    O4 - HKCU\..\Run: [9387421.exe] C:\WINDOWS\9387421.exe
    O4 - HKCU\..\Run: [9787765.exe] C:\WINDOWS\9787765.exe
    O4 - HKCU\..\Run: [10188140.exe] C:\WINDOWS\10188140.exe
    O4 - HKCU\..\Run: [10591531.exe] C:\WINDOWS\10591531.exe
    O4 - HKCU\..\Run: [10991781.exe] C:\WINDOWS\10991781.exe
    O4 - HKCU\..\Run: [11392281.exe] C:\WINDOWS\11392281.exe
    O4 - HKCU\..\Run: [11792703.exe] C:\WINDOWS\11792703.exe
    O4 - HKCU\..\Run: [12192937.exe] C:\WINDOWS\12192937.exe
    O4 - HKCU\..\Run: [12593656.exe] C:\WINDOWS\12593656.exe
    O4 - HKCU\..\Run: [12994234.exe] C:\WINDOWS\12994234.exe
    O4 - HKCU\..\Run: [13394609.exe] C:\WINDOWS\13394609.exe
    O4 - HKCU\..\Run: [13794984.exe] C:\WINDOWS\13794984.exe
    O4 - HKCU\..\Run: [14195390.exe] C:\WINDOWS\14195390.exe
    O4 - HKCU\..\Run: [14595781.exe] C:\WINDOWS\14595781.exe
    O4 - HKCU\..\Run: [14996187.exe] C:\WINDOWS\14996187.exe
    O4 - HKCU\..\Run: [15396937.exe] C:\WINDOWS\15396937.exe
    O4 - HKCU\..\Run: [15800203.exe] C:\WINDOWS\15800203.exe
    O4 - HKCU\..\Run: [16200578.exe] C:\WINDOWS\16200578.exe
    O4 - HKCU\..\Run: [16600890.exe] C:\WINDOWS\16600890.exe
    O4 - HKCU\..\Run: [17001296.exe] C:\WINDOWS\17001296.exe
    O4 - HKCU\..\Run: [155203.exe] C:\WINDOWS\155203.exe
    O4 - HKCU\..\Run: [560171.exe] C:\WINDOWS\560171.exe
    O4 - HKCU\..\Run: [960890.exe] C:\WINDOWS\960890.exe
    O4 - HKCU\..\Run: [1361343.exe] C:\WINDOWS\1361343.exe
    O4 - HKCU\..\Run: [1761687.exe] C:\WINDOWS\1761687.exe
    O4 - HKCU\..\Run: [2162750.exe] C:\WINDOWS\2162750.exe
    O4 - HKCU\..\Run: [3618468.exe] C:\WINDOWS\3618468.exe
    O4 - HKCU\..\Run: [4018765.exe] C:\WINDOWS\4018765.exe
    O4 - HKCU\..\Run: [4419296.exe] C:\WINDOWS\4419296.exe
    O4 - HKCU\..\Run: [4819984.exe] C:\WINDOWS\4819984.exe
    O4 - HKCU\..\Run: [5220687.exe] C:\WINDOWS\5220687.exe
    O4 - HKCU\..\Run: [5621000.exe] C:\WINDOWS\5621000.exe
    O4 - HKCU\..\Run: [6021687.exe] C:\WINDOWS\6021687.exe
    O4 - HKCU\..\Run: [6422000.exe] C:\WINDOWS\6422000.exe
    O4 - HKCU\..\Run: [6822296.exe] C:\WINDOWS\6822296.exe
    O4 - HKCU\..\Run: [7223171.exe] C:\WINDOWS\7223171.exe
    O4 - HKCU\..\Run: [7624125.exe] C:\WINDOWS\7624125.exe
    O4 - HKCU\..\Run: [133812.exe] C:\WINDOWS\133812.exe
    O4 - HKCU\..\Run: [536218.exe] C:\WINDOWS\536218.exe
    O4 - HKCU\..\Run: [936500.exe] C:\WINDOWS\936500.exe
    O4 - HKCU\..\Run: [1336859.exe] C:\WINDOWS\1336859.exe
    O4 - HKCU\..\Run: [1737171.exe] C:\WINDOWS\1737171.exe
    O4 - HKCU\..\Run: [2137484.exe] C:\WINDOWS\2137484.exe
    O4 - HKCU\..\Run: [2538125.exe] C:\WINDOWS\2538125.exe
    O4 - HKCU\..\Run: [2938437.exe] C:\WINDOWS\2938437.exe
    O4 - HKCU\..\Run: [3338703.exe] C:\WINDOWS\3338703.exe
    O4 - HKCU\..\Run: [136390.exe] C:\WINDOWS\136390.exe
    O4 - HKCU\..\Run: [540468.exe] C:\WINDOWS\540468.exe
    O4 - HKCU\..\Run: [160593.exe] C:\WINDOWS\160593.exe
    O4 - HKCU\..\Run: [561875.exe] C:\WINDOWS\561875.exe
    O4 - HKCU\..\Run: [962531.exe] C:\WINDOWS\962531.exe
    O4 - HKCU\..\Run: [1362953.exe] C:\WINDOWS\1362953.exe
    O4 - HKCU\..\Run: [1763296.exe] C:\WINDOWS\1763296.exe
    O4 - HKCU\..\Run: [2163968.exe] C:\WINDOWS\2163968.exe
    O4 - HKCU\..\Run: [2564531.exe] C:\WINDOWS\2564531.exe
    O4 - HKCU\..\Run: [2965234.exe] C:\WINDOWS\2965234.exe
    O4 - HKCU\..\Run: [3365828.exe] C:\WINDOWS\3365828.exe
    O4 - HKCU\..\Run: [3766578.exe] C:\WINDOWS\3766578.exe
    O4 - HKCU\..\Run: [4166984.exe] C:\WINDOWS\4166984.exe
    O4 - HKCU\..\Run: [4567671.exe] C:\WINDOWS\4567671.exe
    O4 - HKCU\..\Run: [4968171.exe] C:\WINDOWS\4968171.exe
    O4 - HKCU\..\Run: [5368843.exe] C:\WINDOWS\5368843.exe
    O4 - HKCU\..\Run: [5769125.exe] C:\WINDOWS\5769125.exe
    O4 - HKCU\..\Run: [6172718.exe] C:\WINDOWS\6172718.exe
    O4 - HKCU\..\Run: [6573000.exe] C:\WINDOWS\6573000.exe
    O4 - HKCU\..\Run: [6973578.exe] C:\WINDOWS\6973578.exe
    O4 - HKCU\..\Run: [7374140.exe] C:\WINDOWS\7374140.exe
    O4 - HKCU\..\Run: [7774750.exe] C:\WINDOWS\7774750.exe
    O4 - HKCU\..\Run: [8175015.exe] C:\WINDOWS\8175015.exe
    O4 - HKCU\..\Run: [8575375.exe] C:\WINDOWS\8575375.exe
    O4 - HKCU\..\Run: [8976265.exe] C:\WINDOWS\8976265.exe
    O4 - HKCU\..\Run: [9376546.exe] C:\WINDOWS\9376546.exe
    O4 - HKCU\..\Run: [9776750.exe] C:\WINDOWS\9776750.exe
    O4 - HKCU\..\Run: [10177031.exe] C:\WINDOWS\10177031.exe
    O4 - HKCU\..\Run: [10577468.exe] C:\WINDOWS\10577468.exe
    O4 - HKCU\..\Run: [10978140.exe] C:\WINDOWS\10978140.exe
    O4 - HKCU\..\Run: [11378859.exe] C:\WINDOWS\11378859.exe
    O4 - HKCU\..\Run: [11779140.exe] C:\WINDOWS\11779140.exe
    O4 - HKCU\..\Run: [12179421.exe] C:\WINDOWS\12179421.exe
    O4 - HKCU\..\Run: [12580218.exe] C:\WINDOWS\12580218.exe
    O4 - HKCU\..\Run: [12980515.exe] C:\WINDOWS\12980515.exe
    O4 - HKCU\..\Run: [13381312.exe] C:\WINDOWS\13381312.exe
    O4 - HKCU\..\Run: [143890.exe] C:\WINDOWS\143890.exe

  5. #5
    O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O14 - IERESET.INF: START_PAGE_URL=http://qus8l.hpwis.com
    O16 - DPF: {04B6182D-FB75-11D4-90D2-0000B4948C7C} (cre8tiv 3Di ATL Control (Internet)) - http://www.quick-step.com/distribution/cre8tiv3dix.cab
    O16 - DPF: {099513A2-15DE-49B2-B543-45DE6254DC00} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yaho...opper1_6aa.cab
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175...at-no-eula.cab
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/...s/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/3020a04a...p/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1124761854453
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1161841830781
    O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/download...1/axofupld.cab
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://babydeluna.multiply.com/photos/uploader.cab
    O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploa...loadClient.cab
    O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://hgtv2.view22.com/view22/app/view22rte.cab
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBackMonitor - - C:\Program Files\McAfee\MBK\MBackMonitor.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
    O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

  6. #6
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,267
    Wow, what a mess.

    Lets start with AVG AS (Ewido) scan:

    Please download, install, and update Ewido anti-spyware

    1. Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
    2. After the update finishes (the status bar at the bottom will display "Update successful")
    3. Close ewido. Do not run it yet.


    Please reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode on the screen that appears.

    • In Safe Mode, load Ewido and click on the Scanner tab at the top. Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. Click back to the "Scan" tab and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.
    • Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
    • Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
    • Restart back into Normal Mode.


    Please perform another scan with Hijack This, and then post back with a copy of the Ewido log and the new HijackThis log.
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  7. #7
    I'm also getting this message box:

    "Generic Host Process for Win32 Services

    Generic Host Process for Win32 has encountered a prolem and needs to close. We are sorry for the inconvenience."

  8. #8
    Thanks for the quick response Classicsoftware. I'll try your advice.

  9. #9
    I can't even seem to install AVG. Whenever it's around 90% installed, it hangs.

  10. #10
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,267
    Try this in safe mode with networking support...
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  11. #11
    Join Date
    Jul 2002
    Location
    Minn
    Posts
    17,373
    Quote Originally Posted by classicsoftware View Post
    Try this in safe mode with networking support...
    If you go into Safe Mode with networking support, be sure to IMMEDIATELY turn on your antivirus and firewall manually... They will generally not load in Safe Mode...
    Budfred ..... Caveat Emptor....

    Helpful links SpywareBlaster... HijackThis... ATF Cleaner...

    Post a complaint about malware here!!
    So how did I get infected in the first place??

    MS MVP 2006 and ASAP member since 2004...

    If you PM me for help, expect an irritated response... Post in the forum...

  12. #12
    here's the ewido log:

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 11:15:36 AM 10/29/2006

    + Scan result:



    HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Cleaned with backup (quarantined).
    :mozilla.55:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.56:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.148:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.181:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.243:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.278:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.374:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.391:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.508:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.57:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.58:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.59:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.60:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.61:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.62:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.63:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.64:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.65:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.66:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.67:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.68:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.69:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.70:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.71:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.72:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.73:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.74:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.75:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.76:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.77:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.78:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.79:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.80:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.81:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.82:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.83:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.84:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.531:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.92:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.93:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.94:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.95:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.100:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.704:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.705:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.706:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.707:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.643:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adserver : Cleaned.
    :mozilla.644:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adserver : Cleaned.
    :mozilla.105:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.106:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.19:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.20:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.21:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.22:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.53:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\LocalService\Cookies\mondie@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.

  13. #13
    :mozilla.678:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Bridgetrack : Cleaned.
    :mozilla.679:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Bridgetrack : Cleaned.
    :mozilla.680:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Bridgetrack : Cleaned.
    :mozilla.778:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Burstbeacon : Cleaned.
    :mozilla.156:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.779:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.173:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Centrport : Cleaned.
    :mozilla.193:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.194:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.184:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.220:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.221:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.98:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.115:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.119:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.120:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.121:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.799:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.800:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.717:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.718:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.719:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.435:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.436:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.445:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.101:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.102:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.103:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.104:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.454:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Pro-market : Cleaned.
    :mozilla.455:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Qksrv : Cleaned.
    :mozilla.456:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Qksrv : Cleaned.
    :mozilla.458:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.459:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.460:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.230:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.231:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.155:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.509:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.510:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.511:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.512:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.513:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.99:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.546:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.

  14. #14
    :mozilla.547:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.573:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.574:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.575:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.576:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.577:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.578:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.579:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.580:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.581:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.582:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.583:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Trafic : Cleaned.
    :mozilla.586:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.479:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.480:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.481:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.482:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.483:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.656:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.657:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.658:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.645:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.646:C:\Documents and Settings\Mondie\Application Data\Mozilla\Firefox\Profiles\rsmurfpw.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0034322.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0035310.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0036309.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0037310.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0038319.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0039330.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0040321.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0041320.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0042365.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0042603.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{EABCAB45-42A4-472A-8674-85AD723A5F23}\RP284\A0042799.sys -> Trojan.Small.bs : Cleaned with backup (quarantined).


    ::Report end

  15. #15
    ...and here's the new highjackthis log:

    Logfile of HijackThis v1.99.1
    Scan saved at 11:22:45 AM, on 10/29/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
    C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\PROGRA~1\McAfee\MSC\mctskshd.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
    C:\WINDOWS\System32\hphmon05.exe
    C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 2.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\Hijackthis\HijackThis.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://encarta.msn.com/teleport/acti...p?pid=51957HP1
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb1 2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe

  16. #16
    O4 - HKCU\..\Run: [158031.exe] C:\WINDOWS\158031.exe
    O4 - HKCU\..\Run: [561296.exe] C:\WINDOWS\561296.exe
    O4 - HKCU\..\Run: [961656.exe] C:\WINDOWS\961656.exe
    O4 - HKCU\..\Run: [1362453.exe] C:\WINDOWS\1362453.exe
    O4 - HKCU\..\Run: [1763000.exe] C:\WINDOWS\1763000.exe
    O4 - HKCU\..\Run: [2163703.exe] C:\WINDOWS\2163703.exe
    O4 - HKCU\..\Run: [2565125.exe] C:\WINDOWS\2565125.exe
    O4 - HKCU\..\Run: [2969015.exe] C:\WINDOWS\2969015.exe
    O4 - HKCU\..\Run: [3369828.exe] C:\WINDOWS\3369828.exe
    O4 - HKCU\..\Run: [3770281.exe] C:\WINDOWS\3770281.exe
    O4 - HKCU\..\Run: [4171437.exe] C:\WINDOWS\4171437.exe
    O4 - HKCU\..\Run: [4571859.exe] C:\WINDOWS\4571859.exe
    O4 - HKCU\..\Run: [4972359.exe] C:\WINDOWS\4972359.exe
    O4 - HKCU\..\Run: [5372718.exe] C:\WINDOWS\5372718.exe
    O4 - HKCU\..\Run: [5773218.exe] C:\WINDOWS\5773218.exe
    O4 - HKCU\..\Run: [6173937.exe] C:\WINDOWS\6173937.exe
    O4 - HKCU\..\Run: [6574625.exe] C:\WINDOWS\6574625.exe
    O4 - HKCU\..\Run: [6975781.exe] C:\WINDOWS\6975781.exe
    O4 - HKCU\..\Run: [7376218.exe] C:\WINDOWS\7376218.exe
    O4 - HKCU\..\Run: [7776984.exe] C:\WINDOWS\7776984.exe
    O4 - HKCU\..\Run: [9570906.exe] C:\WINDOWS\9570906.exe
    O4 - HKCU\..\Run: [9974406.exe] C:\WINDOWS\9974406.exe
    O4 - HKCU\..\Run: [10375171.exe] C:\WINDOWS\10375171.exe
    O4 - HKCU\..\Run: [10776109.exe] C:\WINDOWS\10776109.exe
    O4 - HKCU\..\Run: [11176640.exe] C:\WINDOWS\11176640.exe
    O4 - HKCU\..\Run: [11577687.exe] C:\WINDOWS\11577687.exe
    O4 - HKCU\..\Run: [11978093.exe] C:\WINDOWS\11978093.exe
    O4 - HKCU\..\Run: [18813281.exe] C:\WINDOWS\18813281.exe
    O4 - HKCU\..\Run: [19213750.exe] C:\WINDOWS\19213750.exe
    O4 - HKCU\..\Run: [19614171.exe] C:\WINDOWS\19614171.exe
    O4 - HKCU\..\Run: [20014734.exe] C:\WINDOWS\20014734.exe
    O4 - HKCU\..\Run: [20415546.exe] C:\WINDOWS\20415546.exe
    O4 - HKCU\..\Run: [74984312.exe] C:\WINDOWS\74984312.exe
    O4 - HKCU\..\Run: [75385953.exe] C:\WINDOWS\75385953.exe
    O4 - HKCU\..\Run: [75787031.exe] C:\WINDOWS\75787031.exe
    O4 - HKCU\..\Run: [76187890.exe] C:\WINDOWS\76187890.exe
    O4 - HKCU\..\Run: [76590468.exe] C:\WINDOWS\76590468.exe
    O4 - HKCU\..\Run: [76992546.exe] C:\WINDOWS\76992546.exe
    O4 - HKCU\..\Run: [77394156.exe] C:\WINDOWS\77394156.exe
    O4 - HKCU\..\Run: [77795953.exe] C:\WINDOWS\77795953.exe
    O4 - HKCU\..\Run: [78196718.exe] C:\WINDOWS\78196718.exe
    O4 - HKCU\..\Run: [78597453.exe] C:\WINDOWS\78597453.exe
    O4 - HKCU\..\Run: [78999625.exe] C:\WINDOWS\78999625.exe
    O4 - HKCU\..\Run: [79401156.exe] C:\WINDOWS\79401156.exe
    O4 - HKCU\..\Run: [79802187.exe] C:\WINDOWS\79802187.exe
    O4 - HKCU\..\Run: [80204703.exe] C:\WINDOWS\80204703.exe
    O4 - HKCU\..\Run: [80605656.exe] C:\WINDOWS\80605656.exe
    O4 - HKCU\..\Run: [81006656.exe] C:\WINDOWS\81006656.exe
    O4 - HKCU\..\Run: [86334953.exe] C:\WINDOWS\86334953.exe
    O4 - HKCU\..\Run: [86735906.exe] C:\WINDOWS\86735906.exe
    O4 - HKCU\..\Run: [87136968.exe] C:\WINDOWS\87136968.exe
    O4 - HKCU\..\Run: [87537640.exe] C:\WINDOWS\87537640.exe
    O4 - HKCU\..\Run: [87939593.exe] C:\WINDOWS\87939593.exe
    O4 - HKCU\..\Run: [88340234.exe] C:\WINDOWS\88340234.exe
    O4 - HKCU\..\Run: [88740812.exe] C:\WINDOWS\88740812.exe
    O4 - HKCU\..\Run: [89141718.exe] C:\WINDOWS\89141718.exe
    O4 - HKCU\..\Run: [89542484.exe] C:\WINDOWS\89542484.exe
    O4 - HKCU\..\Run: [89943531.exe] C:\WINDOWS\89943531.exe
    O4 - HKCU\..\Run: [90344515.exe] C:\WINDOWS\90344515.exe
    O4 - HKCU\..\Run: [90745140.exe] C:\WINDOWS\90745140.exe
    O4 - HKCU\..\Run: [91146718.exe] C:\WINDOWS\91146718.exe
    O4 - HKCU\..\Run: [91547296.exe] C:\WINDOWS\91547296.exe
    O4 - HKCU\..\Run: [91948171.exe] C:\WINDOWS\91948171.exe
    O4 - HKCU\..\Run: [92348796.exe] C:\WINDOWS\92348796.exe
    O4 - HKCU\..\Run: [92752656.exe] C:\WINDOWS\92752656.exe
    O4 - HKCU\..\Run: [93153625.exe] C:\WINDOWS\93153625.exe
    O4 - HKCU\..\Run: [93554828.exe] C:\WINDOWS\93554828.exe
    O4 - HKCU\..\Run: [93955875.exe] C:\WINDOWS\93955875.exe
    O4 - HKCU\..\Run: [94357187.exe] C:\WINDOWS\94357187.exe
    O4 - HKCU\..\Run: [94757781.exe] C:\WINDOWS\94757781.exe
    O4 - HKCU\..\Run: [95158703.exe] C:\WINDOWS\95158703.exe
    O4 - HKCU\..\Run: [95559281.exe] C:\WINDOWS\95559281.exe
    O4 - HKCU\..\Run: [95959890.exe] C:\WINDOWS\95959890.exe

  17. #17
    O4 - HKCU\..\Run: [96360765.exe] C:\WINDOWS\96360765.exe
    O4 - HKCU\..\Run: [96761296.exe] C:\WINDOWS\96761296.exe
    O4 - HKCU\..\Run: [97161890.exe] C:\WINDOWS\97161890.exe
    O4 - HKCU\..\Run: [97562468.exe] C:\WINDOWS\97562468.exe
    O4 - HKCU\..\Run: [97963078.exe] C:\WINDOWS\97963078.exe
    O4 - HKCU\..\Run: [98363968.exe] C:\WINDOWS\98363968.exe
    O4 - HKCU\..\Run: [98764625.exe] C:\WINDOWS\98764625.exe
    O4 - HKCU\..\Run: [99165875.exe] C:\WINDOWS\99165875.exe
    O4 - HKCU\..\Run: [99566500.exe] C:\WINDOWS\99566500.exe
    O4 - HKCU\..\Run: [99967312.exe] C:\WINDOWS\99967312.exe
    O4 - HKCU\..\Run: [100367937.exe] C:\WINDOWS\100367937.exe
    O4 - HKCU\..\Run: [100768562.exe] C:\WINDOWS\100768562.exe
    O4 - HKCU\..\Run: [101169187.exe] C:\WINDOWS\101169187.exe
    O4 - HKCU\..\Run: [101569781.exe] C:\WINDOWS\101569781.exe
    O4 - HKCU\..\Run: [101970781.exe] C:\WINDOWS\101970781.exe
    O4 - HKCU\..\Run: [102372312.exe] C:\WINDOWS\102372312.exe
    O4 - HKCU\..\Run: [102774984.exe] C:\WINDOWS\102774984.exe
    O4 - HKCU\..\Run: [103175906.exe] C:\WINDOWS\103175906.exe
    O4 - HKCU\..\Run: [103576859.exe] C:\WINDOWS\103576859.exe
    O4 - HKCU\..\Run: [103977796.exe] C:\WINDOWS\103977796.exe
    O4 - HKCU\..\Run: [104378703.exe] C:\WINDOWS\104378703.exe
    O4 - HKCU\..\Run: [104779203.exe] C:\WINDOWS\104779203.exe
    O4 - HKCU\..\Run: [105179734.exe] C:\WINDOWS\105179734.exe
    O4 - HKCU\..\Run: [105580359.exe] C:\WINDOWS\105580359.exe
    O4 - HKCU\..\Run: [105981187.exe] C:\WINDOWS\105981187.exe
    O4 - HKCU\..\Run: [106382093.exe] C:\WINDOWS\106382093.exe
    O4 - HKCU\..\Run: [106782640.exe] C:\WINDOWS\106782640.exe
    O4 - HKCU\..\Run: [107183453.exe] C:\WINDOWS\107183453.exe
    O4 - HKCU\..\Run: [107583968.exe] C:\WINDOWS\107583968.exe
    O4 - HKCU\..\Run: [107984750.exe] C:\WINDOWS\107984750.exe
    O4 - HKCU\..\Run: [108385625.exe] C:\WINDOWS\108385625.exe
    O4 - HKCU\..\Run: [108786125.exe] C:\WINDOWS\108786125.exe
    O4 - HKCU\..\Run: [109186437.exe] C:\WINDOWS\109186437.exe
    O4 - HKCU\..\Run: [109587046.exe] C:\WINDOWS\109587046.exe
    O4 - HKCU\..\Run: [109987578.exe] C:\WINDOWS\109987578.exe
    O4 - HKCU\..\Run: [110388515.exe] C:\WINDOWS\110388515.exe
    O4 - HKCU\..\Run: [110789078.exe] C:\WINDOWS\110789078.exe
    O4 - HKCU\..\Run: [111190062.exe] C:\WINDOWS\111190062.exe
    O4 - HKCU\..\Run: [111590734.exe] C:\WINDOWS\111590734.exe
    O4 - HKCU\..\Run: [111991421.exe] C:\WINDOWS\111991421.exe
    O4 - HKCU\..\Run: [112394125.exe] C:\WINDOWS\112394125.exe
    O4 - HKCU\..\Run: [149421.exe] C:\WINDOWS\149421.exe
    O4 - HKCU\..\Run: [551968.exe] C:\WINDOWS\551968.exe
    O4 - HKCU\..\Run: [953468.exe] C:\WINDOWS\953468.exe
    O4 - HKCU\..\Run: [1353937.exe] C:\WINDOWS\1353937.exe
    O4 - HKCU\..\Run: [20927718.exe] C:\WINDOWS\20927718.exe
    O4 - HKCU\..\Run: [21328828.exe] C:\WINDOWS\21328828.exe
    O4 - HKCU\..\Run: [21730375.exe] C:\WINDOWS\21730375.exe
    O4 - HKCU\..\Run: [22130968.exe] C:\WINDOWS\22130968.exe
    O4 - HKCU\..\Run: [22531515.exe] C:\WINDOWS\22531515.exe
    O4 - HKCU\..\Run: [22932703.exe] C:\WINDOWS\22932703.exe
    O4 - HKCU\..\Run: [23333656.exe] C:\WINDOWS\23333656.exe
    O4 - HKCU\..\Run: [23734187.exe] C:\WINDOWS\23734187.exe
    O4 - HKCU\..\Run: [24135015.exe] C:\WINDOWS\24135015.exe
    O4 - HKCU\..\Run: [24535843.exe] C:\WINDOWS\24535843.exe
    O4 - HKCU\..\Run: [24936734.exe] C:\WINDOWS\24936734.exe
    O4 - HKCU\..\Run: [29256625.exe] C:\WINDOWS\29256625.exe
    O4 - HKCU\..\Run: [29658046.exe] C:\WINDOWS\29658046.exe
    O4 - HKCU\..\Run: [30058703.exe] C:\WINDOWS\30058703.exe
    O4 - HKCU\..\Run: [30459531.exe] C:\WINDOWS\30459531.exe
    O4 - HKCU\..\Run: [30860390.exe] C:\WINDOWS\30860390.exe
    O4 - HKCU\..\Run: [31260890.exe] C:\WINDOWS\31260890.exe
    O4 - HKCU\..\Run: [31661609.exe] C:\WINDOWS\31661609.exe
    O4 - HKCU\..\Run: [34603046.exe] C:\WINDOWS\34603046.exe
    O4 - HKCU\..\Run: [35003718.exe] C:\WINDOWS\35003718.exe
    O4 - HKCU\..\Run: [35404265.exe] C:\WINDOWS\35404265.exe
    O4 - HKCU\..\Run: [35805109.exe] C:\WINDOWS\35805109.exe
    O4 - HKCU\..\Run: [36205625.exe] C:\WINDOWS\36205625.exe
    O4 - HKCU\..\Run: [36605937.exe] C:\WINDOWS\36605937.exe
    O4 - HKCU\..\Run: [37006328.exe] C:\WINDOWS\37006328.exe
    O4 - HKCU\..\Run: [174046.exe] C:\WINDOWS\174046.exe
    O4 - HKCU\..\Run: [576359.exe] C:\WINDOWS\576359.exe
    O4 - HKCU\..\Run: [977093.exe] C:\WINDOWS\977093.exe
    O4 - HKCU\..\Run: [1377375.exe] C:\WINDOWS\1377375.exe
    O4 - HKCU\..\Run: [1777859.exe] C:\WINDOWS\1777859.exe
    O4 - HKCU\..\Run: [2178765.exe] C:\WINDOWS\2178765.exe
    O4 - HKCU\..\Run: [2579015.exe] C:\WINDOWS\2579015.exe
    O4 - HKCU\..\Run: [2979828.exe] C:\WINDOWS\2979828.exe
    O4 - HKCU\..\Run: [3380453.exe] C:\WINDOWS\3380453.exe
    O4 - HKCU\..\Run: [3780734.exe] C:\WINDOWS\3780734.exe
    O4 - HKCU\..\Run: [4181031.exe] C:\WINDOWS\4181031.exe
    O4 - HKCU\..\Run: [4581468.exe] C:\WINDOWS\4581468.exe
    O4 - HKCU\..\Run: [4981640.exe] C:\WINDOWS\4981640.exe
    O4 - HKCU\..\Run: [5382453.exe] C:\WINDOWS\5382453.exe
    O4 - HKCU\..\Run: [5782828.exe] C:\WINDOWS\5782828.exe
    O4 - HKCU\..\Run: [6183156.exe] C:\WINDOWS\6183156.exe
    O4 - HKCU\..\Run: [6583687.exe] C:\WINDOWS\6583687.exe
    O4 - HKCU\..\Run: [6984140.exe] C:\WINDOWS\6984140.exe
    O4 - HKCU\..\Run: [7384468.exe] C:\WINDOWS\7384468.exe
    O4 - HKCU\..\Run: [7785125.exe] C:\WINDOWS\7785125.exe
    O4 - HKCU\..\Run: [8185828.exe] C:\WINDOWS\8185828.exe
    O4 - HKCU\..\Run: [8586343.exe] C:\WINDOWS\8586343.exe
    O4 - HKCU\..\Run: [8986687.exe] C:\WINDOWS\8986687.exe
    O4 - HKCU\..\Run: [9387421.exe] C:\WINDOWS\9387421.exe
    O4 - HKCU\..\Run: [9787765.exe] C:\WINDOWS\9787765.exe
    O4 - HKCU\..\Run: [10188140.exe] C:\WINDOWS\10188140.exe
    O4 - HKCU\..\Run: [10591531.exe] C:\WINDOWS\10591531.exe
    O4 - HKCU\..\Run: [10991781.exe] C:\WINDOWS\10991781.exe
    O4 - HKCU\..\Run: [11392281.exe] C:\WINDOWS\11392281.exe
    O4 - HKCU\..\Run: [11792703.exe] C:\WINDOWS\11792703.exe
    O4 - HKCU\..\Run: [12192937.exe] C:\WINDOWS\12192937.exe
    O4 - HKCU\..\Run: [12593656.exe] C:\WINDOWS\12593656.exe
    O4 - HKCU\..\Run: [12994234.exe] C:\WINDOWS\12994234.exe
    O4 - HKCU\..\Run: [13394609.exe] C:\WINDOWS\13394609.exe
    O4 - HKCU\..\Run: [13794984.exe] C:\WINDOWS\13794984.exe
    O4 - HKCU\..\Run: [14195390.exe] C:\WINDOWS\14195390.exe
    O4 - HKCU\..\Run: [14595781.exe] C:\WINDOWS\14595781.exe
    O4 - HKCU\..\Run: [14996187.exe] C:\WINDOWS\14996187.exe
    O4 - HKCU\..\Run: [15396937.exe] C:\WINDOWS\15396937.exe
    O4 - HKCU\..\Run: [15800203.exe] C:\WINDOWS\15800203.exe
    O4 - HKCU\..\Run: [16200578.exe] C:\WINDOWS\16200578.exe
    O4 - HKCU\..\Run: [16600890.exe] C:\WINDOWS\16600890.exe
    O4 - HKCU\..\Run: [17001296.exe] C:\WINDOWS\17001296.exe
    O4 - HKCU\..\Run: [155203.exe] C:\WINDOWS\155203.exe
    O4 - HKCU\..\Run: [560171.exe] C:\WINDOWS\560171.exe
    O4 - HKCU\..\Run: [960890.exe] C:\WINDOWS\960890.exe
    O4 - HKCU\..\Run: [1361343.exe] C:\WINDOWS\1361343.exe
    O4 - HKCU\..\Run: [1761687.exe] C:\WINDOWS\1761687.exe
    O4 - HKCU\..\Run: [2162750.exe] C:\WINDOWS\2162750.exe
    O4 - HKCU\..\Run: [3618468.exe] C:\WINDOWS\3618468.exe
    O4 - HKCU\..\Run: [4018765.exe] C:\WINDOWS\4018765.exe
    O4 - HKCU\..\Run: [4419296.exe] C:\WINDOWS\4419296.exe
    O4 - HKCU\..\Run: [4819984.exe] C:\WINDOWS\4819984.exe
    O4 - HKCU\..\Run: [5220687.exe] C:\WINDOWS\5220687.exe
    O4 - HKCU\..\Run: [5621000.exe] C:\WINDOWS\5621000.exe
    O4 - HKCU\..\Run: [6021687.exe] C:\WINDOWS\6021687.exe
    O4 - HKCU\..\Run: [6422000.exe] C:\WINDOWS\6422000.exe
    O4 - HKCU\..\Run: [6822296.exe] C:\WINDOWS\6822296.exe
    O4 - HKCU\..\Run: [7223171.exe] C:\WINDOWS\7223171.exe
    O4 - HKCU\..\Run: [7624125.exe] C:\WINDOWS\7624125.exe
    O4 - HKCU\..\Run: [133812.exe] C:\WINDOWS\133812.exe
    O4 - HKCU\..\Run: [536218.exe] C:\WINDOWS\536218.exe
    O4 - HKCU\..\Run: [936500.exe] C:\WINDOWS\936500.exe
    O4 - HKCU\..\Run: [1336859.exe] C:\WINDOWS\1336859.exe
    O4 - HKCU\..\Run: [1737171.exe] C:\WINDOWS\1737171.exe
    O4 - HKCU\..\Run: [2137484.exe] C:\WINDOWS\2137484.exe
    O4 - HKCU\..\Run: [2538125.exe] C:\WINDOWS\2538125.exe
    O4 - HKCU\..\Run: [2938437.exe] C:\WINDOWS\2938437.exe
    O4 - HKCU\..\Run: [3338703.exe] C:\WINDOWS\3338703.exe
    O4 - HKCU\..\Run: [136390.exe] C:\WINDOWS\136390.exe
    O4 - HKCU\..\Run: [540468.exe] C:\WINDOWS\540468.exe
    O4 - HKCU\..\Run: [160593.exe] C:\WINDOWS\160593.exe
    O4 - HKCU\..\Run: [561875.exe] C:\WINDOWS\561875.exe
    O4 - HKCU\..\Run: [962531.exe] C:\WINDOWS\962531.exe
    O4 - HKCU\..\Run: [1362953.exe] C:\WINDOWS\1362953.exe
    O4 - HKCU\..\Run: [1763296.exe] C:\WINDOWS\1763296.exe
    O4 - HKCU\..\Run: [2163968.exe] C:\WINDOWS\2163968.exe
    O4 - HKCU\..\Run: [2564531.exe] C:\WINDOWS\2564531.exe
    O4 - HKCU\..\Run: [2965234.exe] C:\WINDOWS\2965234.exe
    O4 - HKCU\..\Run: [3365828.exe] C:\WINDOWS\3365828.exe
    O4 - HKCU\..\Run: [3766578.exe] C:\WINDOWS\3766578.exe
    O4 - HKCU\..\Run: [4166984.exe] C:\WINDOWS\4166984.exe
    O4 - HKCU\..\Run: [4567671.exe] C:\WINDOWS\4567671.exe
    O4 - HKCU\..\Run: [4968171.exe] C:\WINDOWS\4968171.exe
    O4 - HKCU\..\Run: [5368843.exe] C:\WINDOWS\5368843.exe
    O4 - HKCU\..\Run: [5769125.exe] C:\WINDOWS\5769125.exe
    O4 - HKCU\..\Run: [6172718.exe] C:\WINDOWS\6172718.exe
    O4 - HKCU\..\Run: [6573000.exe] C:\WINDOWS\6573000.exe
    O4 - HKCU\..\Run: [6973578.exe] C:\WINDOWS\6973578.exe
    O4 - HKCU\..\Run: [7374140.exe] C:\WINDOWS\7374140.exe
    O4 - HKCU\..\Run: [7774750.exe] C:\WINDOWS\7774750.exe
    O4 - HKCU\..\Run: [8175015.exe] C:\WINDOWS\8175015.exe
    O4 - HKCU\..\Run: [8575375.exe] C:\WINDOWS\8575375.exe
    O4 - HKCU\..\Run: [8976265.exe] C:\WINDOWS\8976265.exe
    O4 - HKCU\..\Run: [9376546.exe] C:\WINDOWS\9376546.exe
    O4 - HKCU\..\Run: [9776750.exe] C:\WINDOWS\9776750.exe
    O4 - HKCU\..\Run: [10177031.exe] C:\WINDOWS\10177031.exe
    O4 - HKCU\..\Run: [10577468.exe] C:\WINDOWS\10577468.exe
    O4 - HKCU\..\Run: [10978140.exe] C:\WINDOWS\10978140.exe
    O4 - HKCU\..\Run: [11378859.exe] C:\WINDOWS\11378859.exe
    O4 - HKCU\..\Run: [11779140.exe] C:\WINDOWS\11779140.exe
    O4 - HKCU\..\Run: [12179421.exe] C:\WINDOWS\12179421.exe
    O4 - HKCU\..\Run: [12580218.exe] C:\WINDOWS\12580218.exe
    O4 - HKCU\..\Run: [12980515.exe] C:\WINDOWS\12980515.exe
    O4 - HKCU\..\Run: [13381312.exe] C:\WINDOWS\13381312.exe
    O4 - HKCU\..\Run: [143890.exe] C:\WINDOWS\143890.exe

  18. #18
    O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O14 - IERESET.INF: START_PAGE_URL=http://qus8l.hpwis.com
    O16 - DPF: {04B6182D-FB75-11D4-90D2-0000B4948C7C} (cre8tiv 3Di ATL Control (Internet)) - http://www.quick-step.com/distribution/cre8tiv3dix.cab
    O16 - DPF: {099513A2-15DE-49B2-B543-45DE6254DC00} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yaho...opper1_6aa.cab
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175...at-no-eula.cab
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/...s/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/3020a04a...p/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1124761854453
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1161841830781
    O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/download...1/axofupld.cab
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://babydeluna.multiply.com/photos/uploader.cab
    O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploa...loadClient.cab
    O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://hgtv2.view22.com/view22/app/view22rte.cab
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBackMonitor - - C:\Program Files\McAfee\MBK\MBackMonitor.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
    O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

  19. #19
    ...and yes, that "Services and Controller app box" is still popping up.

  20. #20
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,267
    Open Hijackthis and place a check next to:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com

    O4 - HKCU\..\Run: [ttool] C:\WINDOWS\9129837.exe
    O4 - HKCU\..\Run: [158031.exe] C:\WINDOWS\158031.exe
    O4 - HKCU\..\Run: [561296.exe] C:\WINDOWS\561296.exe
    O4 - HKCU\..\Run: [961656.exe] C:\WINDOWS\961656.exe
    O4 - HKCU\..\Run: [1362453.exe] C:\WINDOWS\1362453.exe
    O4 - HKCU\..\Run: [1763000.exe] C:\WINDOWS\1763000.exe
    O4 - HKCU\..\Run: [2163703.exe] C:\WINDOWS\2163703.exe
    O4 - HKCU\..\Run: [2565125.exe] C:\WINDOWS\2565125.exe
    O4 - HKCU\..\Run: [2969015.exe] C:\WINDOWS\2969015.exe
    O4 - HKCU\..\Run: [3369828.exe] C:\WINDOWS\3369828.exe
    O4 - HKCU\..\Run: [3770281.exe] C:\WINDOWS\3770281.exe
    O4 - HKCU\..\Run: [4171437.exe] C:\WINDOWS\4171437.exe
    O4 - HKCU\..\Run: [4571859.exe] C:\WINDOWS\4571859.exe
    O4 - HKCU\..\Run: [4972359.exe] C:\WINDOWS\4972359.exe
    O4 - HKCU\..\Run: [5372718.exe] C:\WINDOWS\5372718.exe
    O4 - HKCU\..\Run: [5773218.exe] C:\WINDOWS\5773218.exe
    O4 - HKCU\..\Run: [6173937.exe] C:\WINDOWS\6173937.exe
    O4 - HKCU\..\Run: [6574625.exe] C:\WINDOWS\6574625.exe
    O4 - HKCU\..\Run: [6975781.exe] C:\WINDOWS\6975781.exe
    O4 - HKCU\..\Run: [7376218.exe] C:\WINDOWS\7376218.exe
    O4 - HKCU\..\Run: [7776984.exe] C:\WINDOWS\7776984.exe
    O4 - HKCU\..\Run: [9570906.exe] C:\WINDOWS\9570906.exe
    O4 - HKCU\..\Run: [9974406.exe] C:\WINDOWS\9974406.exe
    O4 - HKCU\..\Run: [10375171.exe] C:\WINDOWS\10375171.exe
    O4 - HKCU\..\Run: [10776109.exe] C:\WINDOWS\10776109.exe
    O4 - HKCU\..\Run: [11176640.exe] C:\WINDOWS\11176640.exe
    O4 - HKCU\..\Run: [11577687.exe] C:\WINDOWS\11577687.exe
    O4 - HKCU\..\Run: [11978093.exe] C:\WINDOWS\11978093.exe
    O4 - HKCU\..\Run: [18813281.exe] C:\WINDOWS\18813281.exe
    O4 - HKCU\..\Run: [19213750.exe] C:\WINDOWS\19213750.exe
    O4 - HKCU\..\Run: [19614171.exe] C:\WINDOWS\19614171.exe
    O4 - HKCU\..\Run: [20014734.exe] C:\WINDOWS\20014734.exe
    O4 - HKCU\..\Run: [20415546.exe] C:\WINDOWS\20415546.exe
    O4 - HKCU\..\Run: [74984312.exe] C:\WINDOWS\74984312.exe
    O4 - HKCU\..\Run: [75385953.exe] C:\WINDOWS\75385953.exe
    O4 - HKCU\..\Run: [75787031.exe] C:\WINDOWS\75787031.exe
    O4 - HKCU\..\Run: [76187890.exe] C:\WINDOWS\76187890.exe
    O4 - HKCU\..\Run: [76590468.exe] C:\WINDOWS\76590468.exe
    O4 - HKCU\..\Run: [76992546.exe] C:\WINDOWS\76992546.exe
    O4 - HKCU\..\Run: [77394156.exe] C:\WINDOWS\77394156.exe
    O4 - HKCU\..\Run: [77795953.exe] C:\WINDOWS\77795953.exe
    O4 - HKCU\..\Run: [78196718.exe] C:\WINDOWS\78196718.exe
    O4 - HKCU\..\Run: [78597453.exe] C:\WINDOWS\78597453.exe
    O4 - HKCU\..\Run: [78999625.exe] C:\WINDOWS\78999625.exe
    O4 - HKCU\..\Run: [79401156.exe] C:\WINDOWS\79401156.exe
    O4 - HKCU\..\Run: [79802187.exe] C:\WINDOWS\79802187.exe
    O4 - HKCU\..\Run: [80204703.exe] C:\WINDOWS\80204703.exe
    O4 - HKCU\..\Run: [80605656.exe] C:\WINDOWS\80605656.exe
    O4 - HKCU\..\Run: [81006656.exe] C:\WINDOWS\81006656.exe
    O4 - HKCU\..\Run: [86334953.exe] C:\WINDOWS\86334953.exe
    O4 - HKCU\..\Run: [86735906.exe] C:\WINDOWS\86735906.exe
    O4 - HKCU\..\Run: [87136968.exe] C:\WINDOWS\87136968.exe
    O4 - HKCU\..\Run: [87537640.exe] C:\WINDOWS\87537640.exe
    O4 - HKCU\..\Run: [87939593.exe] C:\WINDOWS\87939593.exe
    O4 - HKCU\..\Run: [88340234.exe] C:\WINDOWS\88340234.exe
    O4 - HKCU\..\Run: [88740812.exe] C:\WINDOWS\88740812.exe
    O4 - HKCU\..\Run: [89141718.exe] C:\WINDOWS\89141718.exe
    O4 - HKCU\..\Run: [89542484.exe] C:\WINDOWS\89542484.exe
    O4 - HKCU\..\Run: [89943531.exe] C:\WINDOWS\89943531.exe
    O4 - HKCU\..\Run: [90344515.exe] C:\WINDOWS\90344515.exe
    O4 - HKCU\..\Run: [90745140.exe] C:\WINDOWS\90745140.exe
    O4 - HKCU\..\Run: [91146718.exe] C:\WINDOWS\91146718.exe
    O4 - HKCU\..\Run: [91547296.exe] C:\WINDOWS\91547296.exe
    O4 - HKCU\..\Run: [91948171.exe] C:\WINDOWS\91948171.exe
    O4 - HKCU\..\Run: [92348796.exe] C:\WINDOWS\92348796.exe
    O4 - HKCU\..\Run: [92752656.exe] C:\WINDOWS\92752656.exe
    O4 - HKCU\..\Run: [93153625.exe] C:\WINDOWS\93153625.exe
    O4 - HKCU\..\Run: [93554828.exe] C:\WINDOWS\93554828.exe
    O4 - HKCU\..\Run: [93955875.exe] C:\WINDOWS\93955875.exe
    O4 - HKCU\..\Run: [94357187.exe] C:\WINDOWS\94357187.exe
    O4 - HKCU\..\Run: [94757781.exe] C:\WINDOWS\94757781.exe
    O4 - HKCU\..\Run: [95158703.exe] C:\WINDOWS\95158703.exe
    O4 - HKCU\..\Run: [95559281.exe] C:\WINDOWS\95559281.exe
    O4 - HKCU\..\Run: [95959890.exe] C:\WINDOWS\95959890.exe
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  21. #21
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,267
    O4 - HKCU\..\Run: [96360765.exe] C:\WINDOWS\96360765.exe
    O4 - HKCU\..\Run: [96761296.exe] C:\WINDOWS\96761296.exe
    O4 - HKCU\..\Run: [97161890.exe] C:\WINDOWS\97161890.exe
    O4 - HKCU\..\Run: [97562468.exe] C:\WINDOWS\97562468.exe
    O4 - HKCU\..\Run: [97963078.exe] C:\WINDOWS\97963078.exe
    O4 - HKCU\..\Run: [98363968.exe] C:\WINDOWS\98363968.exe
    O4 - HKCU\..\Run: [98764625.exe] C:\WINDOWS\98764625.exe
    O4 - HKCU\..\Run: [99165875.exe] C:\WINDOWS\99165875.exe
    O4 - HKCU\..\Run: [99566500.exe] C:\WINDOWS\99566500.exe
    O4 - HKCU\..\Run: [99967312.exe] C:\WINDOWS\99967312.exe
    O4 - HKCU\..\Run: [100367937.exe] C:\WINDOWS\100367937.exe
    O4 - HKCU\..\Run: [100768562.exe] C:\WINDOWS\100768562.exe
    O4 - HKCU\..\Run: [101169187.exe] C:\WINDOWS\101169187.exe
    O4 - HKCU\..\Run: [101569781.exe] C:\WINDOWS\101569781.exe
    O4 - HKCU\..\Run: [101970781.exe] C:\WINDOWS\101970781.exe
    O4 - HKCU\..\Run: [102372312.exe] C:\WINDOWS\102372312.exe
    O4 - HKCU\..\Run: [102774984.exe] C:\WINDOWS\102774984.exe
    O4 - HKCU\..\Run: [103175906.exe] C:\WINDOWS\103175906.exe
    O4 - HKCU\..\Run: [103576859.exe] C:\WINDOWS\103576859.exe
    O4 - HKCU\..\Run: [103977796.exe] C:\WINDOWS\103977796.exe
    O4 - HKCU\..\Run: [104378703.exe] C:\WINDOWS\104378703.exe
    O4 - HKCU\..\Run: [104779203.exe] C:\WINDOWS\104779203.exe
    O4 - HKCU\..\Run: [105179734.exe] C:\WINDOWS\105179734.exe
    O4 - HKCU\..\Run: [105580359.exe] C:\WINDOWS\105580359.exe
    O4 - HKCU\..\Run: [105981187.exe] C:\WINDOWS\105981187.exe
    O4 - HKCU\..\Run: [106382093.exe] C:\WINDOWS\106382093.exe
    O4 - HKCU\..\Run: [106782640.exe] C:\WINDOWS\106782640.exe
    O4 - HKCU\..\Run: [107183453.exe] C:\WINDOWS\107183453.exe
    O4 - HKCU\..\Run: [107583968.exe] C:\WINDOWS\107583968.exe
    O4 - HKCU\..\Run: [107984750.exe] C:\WINDOWS\107984750.exe
    O4 - HKCU\..\Run: [108385625.exe] C:\WINDOWS\108385625.exe
    O4 - HKCU\..\Run: [108786125.exe] C:\WINDOWS\108786125.exe
    O4 - HKCU\..\Run: [109186437.exe] C:\WINDOWS\109186437.exe
    O4 - HKCU\..\Run: [109587046.exe] C:\WINDOWS\109587046.exe
    O4 - HKCU\..\Run: [109987578.exe] C:\WINDOWS\109987578.exe
    O4 - HKCU\..\Run: [110388515.exe] C:\WINDOWS\110388515.exe
    O4 - HKCU\..\Run: [110789078.exe] C:\WINDOWS\110789078.exe
    O4 - HKCU\..\Run: [111190062.exe] C:\WINDOWS\111190062.exe
    O4 - HKCU\..\Run: [111590734.exe] C:\WINDOWS\111590734.exe
    O4 - HKCU\..\Run: [111991421.exe] C:\WINDOWS\111991421.exe
    O4 - HKCU\..\Run: [112394125.exe] C:\WINDOWS\112394125.exe
    O4 - HKCU\..\Run: [149421.exe] C:\WINDOWS\149421.exe
    O4 - HKCU\..\Run: [551968.exe] C:\WINDOWS\551968.exe
    O4 - HKCU\..\Run: [953468.exe] C:\WINDOWS\953468.exe
    O4 - HKCU\..\Run: [1353937.exe] C:\WINDOWS\1353937.exe
    O4 - HKCU\..\Run: [20927718.exe] C:\WINDOWS\20927718.exe
    O4 - HKCU\..\Run: [21328828.exe] C:\WINDOWS\21328828.exe
    O4 - HKCU\..\Run: [21730375.exe] C:\WINDOWS\21730375.exe
    O4 - HKCU\..\Run: [22130968.exe] C:\WINDOWS\22130968.exe
    O4 - HKCU\..\Run: [22531515.exe] C:\WINDOWS\22531515.exe
    O4 - HKCU\..\Run: [22932703.exe] C:\WINDOWS\22932703.exe
    O4 - HKCU\..\Run: [23333656.exe] C:\WINDOWS\23333656.exe
    O4 - HKCU\..\Run: [23734187.exe] C:\WINDOWS\23734187.exe
    O4 - HKCU\..\Run: [24135015.exe] C:\WINDOWS\24135015.exe
    O4 - HKCU\..\Run: [24535843.exe] C:\WINDOWS\24535843.exe
    O4 - HKCU\..\Run: [24936734.exe] C:\WINDOWS\24936734.exe
    O4 - HKCU\..\Run: [29256625.exe] C:\WINDOWS\29256625.exe
    O4 - HKCU\..\Run: [29658046.exe] C:\WINDOWS\29658046.exe
    O4 - HKCU\..\Run: [30058703.exe] C:\WINDOWS\30058703.exe
    O4 - HKCU\..\Run: [30459531.exe] C:\WINDOWS\30459531.exe
    O4 - HKCU\..\Run: [30860390.exe] C:\WINDOWS\30860390.exe
    O4 - HKCU\..\Run: [31260890.exe] C:\WINDOWS\31260890.exe
    O4 - HKCU\..\Run: [31661609.exe] C:\WINDOWS\31661609.exe
    O4 - HKCU\..\Run: [34603046.exe] C:\WINDOWS\34603046.exe
    O4 - HKCU\..\Run: [35003718.exe] C:\WINDOWS\35003718.exe
    O4 - HKCU\..\Run: [35404265.exe] C:\WINDOWS\35404265.exe
    O4 - HKCU\..\Run: [35805109.exe] C:\WINDOWS\35805109.exe
    O4 - HKCU\..\Run: [36205625.exe] C:\WINDOWS\36205625.exe
    O4 - HKCU\..\Run: [36605937.exe] C:\WINDOWS\36605937.exe
    O4 - HKCU\..\Run: [37006328.exe] C:\WINDOWS\37006328.exe
    O4 - HKCU\..\Run: [174046.exe] C:\WINDOWS\174046.exe
    O4 - HKCU\..\Run: [576359.exe] C:\WINDOWS\576359.exe
    O4 - HKCU\..\Run: [977093.exe] C:\WINDOWS\977093.exe
    O4 - HKCU\..\Run: [1377375.exe] C:\WINDOWS\1377375.exe
    O4 - HKCU\..\Run: [1777859.exe] C:\WINDOWS\1777859.exe
    O4 - HKCU\..\Run: [2178765.exe] C:\WINDOWS\2178765.exe
    O4 - HKCU\..\Run: [2579015.exe] C:\WINDOWS\2579015.exe
    O4 - HKCU\..\Run: [2979828.exe] C:\WINDOWS\2979828.exe
    O4 - HKCU\..\Run: [3380453.exe] C:\WINDOWS\3380453.exe
    O4 - HKCU\..\Run: [3780734.exe] C:\WINDOWS\3780734.exe
    O4 - HKCU\..\Run: [4181031.exe] C:\WINDOWS\4181031.exe
    O4 - HKCU\..\Run: [4581468.exe] C:\WINDOWS\4581468.exe
    O4 - HKCU\..\Run: [4981640.exe] C:\WINDOWS\4981640.exe
    O4 - HKCU\..\Run: [5382453.exe] C:\WINDOWS\5382453.exe
    O4 - HKCU\..\Run: [5782828.exe] C:\WINDOWS\5782828.exe
    O4 - HKCU\..\Run: [6183156.exe] C:\WINDOWS\6183156.exe
    O4 - HKCU\..\Run: [6583687.exe] C:\WINDOWS\6583687.exe
    O4 - HKCU\..\Run: [6984140.exe] C:\WINDOWS\6984140.exe
    O4 - HKCU\..\Run: [7384468.exe] C:\WINDOWS\7384468.exe
    O4 - HKCU\..\Run: [7785125.exe] C:\WINDOWS\7785125.exe
    O4 - HKCU\..\Run: [8185828.exe] C:\WINDOWS\8185828.exe
    O4 - HKCU\..\Run: [8586343.exe] C:\WINDOWS\8586343.exe
    O4 - HKCU\..\Run: [8986687.exe] C:\WINDOWS\8986687.exe
    O4 - HKCU\..\Run: [9387421.exe] C:\WINDOWS\9387421.exe
    O4 - HKCU\..\Run: [9787765.exe] C:\WINDOWS\9787765.exe
    O4 - HKCU\..\Run: [10188140.exe] C:\WINDOWS\10188140.exe
    O4 - HKCU\..\Run: [10591531.exe] C:\WINDOWS\10591531.exe
    O4 - HKCU\..\Run: [10991781.exe] C:\WINDOWS\10991781.exe
    O4 - HKCU\..\Run: [11392281.exe] C:\WINDOWS\11392281.exe
    O4 - HKCU\..\Run: [11792703.exe] C:\WINDOWS\11792703.exe
    O4 - HKCU\..\Run: [12192937.exe] C:\WINDOWS\12192937.exe
    O4 - HKCU\..\Run: [12593656.exe] C:\WINDOWS\12593656.exe
    O4 - HKCU\..\Run: [12994234.exe] C:\WINDOWS\12994234.exe
    O4 - HKCU\..\Run: [13394609.exe] C:\WINDOWS\13394609.exe
    O4 - HKCU\..\Run: [13794984.exe] C:\WINDOWS\13794984.exe
    O4 - HKCU\..\Run: [14195390.exe] C:\WINDOWS\14195390.exe
    O4 - HKCU\..\Run: [14595781.exe] C:\WINDOWS\14595781.exe
    O4 - HKCU\..\Run: [14996187.exe] C:\WINDOWS\14996187.exe
    O4 - HKCU\..\Run: [15396937.exe] C:\WINDOWS\15396937.exe
    O4 - HKCU\..\Run: [15800203.exe] C:\WINDOWS\15800203.exe
    O4 - HKCU\..\Run: [16200578.exe] C:\WINDOWS\16200578.exe
    O4 - HKCU\..\Run: [16600890.exe] C:\WINDOWS\16600890.exe
    O4 - HKCU\..\Run: [17001296.exe] C:\WINDOWS\17001296.exe
    O4 - HKCU\..\Run: [155203.exe] C:\WINDOWS\155203.exe
    O4 - HKCU\..\Run: [560171.exe] C:\WINDOWS\560171.exe
    O4 - HKCU\..\Run: [960890.exe] C:\WINDOWS\960890.exe
    O4 - HKCU\..\Run: [1361343.exe] C:\WINDOWS\1361343.exe
    O4 - HKCU\..\Run: [1761687.exe] C:\WINDOWS\1761687.exe
    O4 - HKCU\..\Run: [2162750.exe] C:\WINDOWS\2162750.exe
    O4 - HKCU\..\Run: [3618468.exe] C:\WINDOWS\3618468.exe
    O4 - HKCU\..\Run: [4018765.exe] C:\WINDOWS\4018765.exe
    O4 - HKCU\..\Run: [4419296.exe] C:\WINDOWS\4419296.exe
    O4 - HKCU\..\Run: [4819984.exe] C:\WINDOWS\4819984.exe
    O4 - HKCU\..\Run: [5220687.exe] C:\WINDOWS\5220687.exe
    O4 - HKCU\..\Run: [5621000.exe] C:\WINDOWS\5621000.exe
    O4 - HKCU\..\Run: [6021687.exe] C:\WINDOWS\6021687.exe
    O4 - HKCU\..\Run: [6422000.exe] C:\WINDOWS\6422000.exe
    O4 - HKCU\..\Run: [6822296.exe] C:\WINDOWS\6822296.exe
    O4 - HKCU\..\Run: [7223171.exe] C:\WINDOWS\7223171.exe
    O4 - HKCU\..\Run: [7624125.exe] C:\WINDOWS\7624125.exe
    O4 - HKCU\..\Run: [133812.exe] C:\WINDOWS\133812.exe
    O4 - HKCU\..\Run: [536218.exe] C:\WINDOWS\536218.exe
    O4 - HKCU\..\Run: [936500.exe] C:\WINDOWS\936500.exe
    O4 - HKCU\..\Run: [1336859.exe] C:\WINDOWS\1336859.exe
    O4 - HKCU\..\Run: [1737171.exe] C:\WINDOWS\1737171.exe
    O4 - HKCU\..\Run: [2137484.exe] C:\WINDOWS\2137484.exe
    O4 - HKCU\..\Run: [2538125.exe] C:\WINDOWS\2538125.exe
    O4 - HKCU\..\Run: [2938437.exe] C:\WINDOWS\2938437.exe
    O4 - HKCU\..\Run: [3338703.exe] C:\WINDOWS\3338703.exe
    O4 - HKCU\..\Run: [136390.exe] C:\WINDOWS\136390.exe
    O4 - HKCU\..\Run: [540468.exe] C:\WINDOWS\540468.exe
    O4 - HKCU\..\Run: [160593.exe] C:\WINDOWS\160593.exe
    O4 - HKCU\..\Run: [561875.exe] C:\WINDOWS\561875.exe
    O4 - HKCU\..\Run: [962531.exe] C:\WINDOWS\962531.exe
    O4 - HKCU\..\Run: [1362953.exe] C:\WINDOWS\1362953.exe
    O4 - HKCU\..\Run: [1763296.exe] C:\WINDOWS\1763296.exe
    O4 - HKCU\..\Run: [2163968.exe] C:\WINDOWS\2163968.exe
    O4 - HKCU\..\Run: [2564531.exe] C:\WINDOWS\2564531.exe
    O4 - HKCU\..\Run: [2965234.exe] C:\WINDOWS\2965234.exe
    O4 - HKCU\..\Run: [3365828.exe] C:\WINDOWS\3365828.exe
    O4 - HKCU\..\Run: [3766578.exe] C:\WINDOWS\3766578.exe
    O4 - HKCU\..\Run: [4166984.exe] C:\WINDOWS\4166984.exe
    O4 - HKCU\..\Run: [4567671.exe] C:\WINDOWS\4567671.exe
    O4 - HKCU\..\Run: [4968171.exe] C:\WINDOWS\4968171.exe
    O4 - HKCU\..\Run: [5368843.exe] C:\WINDOWS\5368843.exe
    O4 - HKCU\..\Run: [5769125.exe] C:\WINDOWS\5769125.exe
    O4 - HKCU\..\Run: [6172718.exe] C:\WINDOWS\6172718.exe
    O4 - HKCU\..\Run: [6573000.exe] C:\WINDOWS\6573000.exe
    O4 - HKCU\..\Run: [6973578.exe] C:\WINDOWS\6973578.exe
    O4 - HKCU\..\Run: [7374140.exe] C:\WINDOWS\7374140.exe
    O4 - HKCU\..\Run: [7774750.exe] C:\WINDOWS\7774750.exe
    O4 - HKCU\..\Run: [8175015.exe] C:\WINDOWS\8175015.exe
    O4 - HKCU\..\Run: [8575375.exe] C:\WINDOWS\8575375.exe
    O4 - HKCU\..\Run: [8976265.exe] C:\WINDOWS\8976265.exe
    O4 - HKCU\..\Run: [9376546.exe] C:\WINDOWS\9376546.exe
    O4 - HKCU\..\Run: [9776750.exe] C:\WINDOWS\9776750.exe
    O4 - HKCU\..\Run: [10177031.exe] C:\WINDOWS\10177031.exe
    O4 - HKCU\..\Run: [10577468.exe] C:\WINDOWS\10577468.exe
    O4 - HKCU\..\Run: [10978140.exe] C:\WINDOWS\10978140.exe
    O4 - HKCU\..\Run: [11378859.exe] C:\WINDOWS\11378859.exe
    O4 - HKCU\..\Run: [11779140.exe] C:\WINDOWS\11779140.exe
    O4 - HKCU\..\Run: [12179421.exe] C:\WINDOWS\12179421.exe
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  22. #22
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,267
    O4 - HKCU\..\Run: [12580218.exe] C:\WINDOWS\12580218.exe
    O4 - HKCU\..\Run: [12980515.exe] C:\WINDOWS\12980515.exe
    O4 - HKCU\..\Run: [13381312.exe] C:\WINDOWS\13381312.exe
    O4 - HKCU\..\Run: [143890.exe] C:\WINDOWS\143890.exe

    Close all program and browser windows and click fix checked.

    Re-boot and post a fresh HJT log.
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •