
Security iGuard, AMONG OTHER THINGS


  • This topic is locked

#1
CrazyIvan

  • Member
  • 11 posts
Seems to have a lot of System32 files. Is this normal? Security iGuard persists. Thanks so much for your help.

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\Usb.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Malcolm\.housecall\resource\engine\windows\dsvtsc.exe
C:\Documents and Settings\--------\.housecall\resource\engine\windows\tsc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Malcolm\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Malcolm\Application Data\Mozilla\Profiles\default\t2weqogf.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Tcp] C:\WINDOWS\Usb.exe
O4 - HKLM\..\Run: [Kll] C:\WINDOWS\Spo.exe
O4 - HKLM\..\Run: [Cbc] C:\WINDOWS\System32\Dil.exe
O4 - HKLM\..\Run: [Itm] C:\WINDOWS\System32\Rdn.exe
O4 - HKLM\..\Run: [Kkr] C:\WINDOWS\System32\Gaa.exe
O4 - HKLM\..\Run: [Lqi] C:\WINDOWS\Cig.exe
O4 - HKLM\..\Run: [Cva] C:\WINDOWS\Nlu.exe
O4 - HKLM\..\Run: [Iap] C:\WINDOWS\System32\Dmj.exe
O4 - HKLM\..\Run: [Fbt] C:\WINDOWS\System32\Onh.exe
O4 - HKLM\..\Run: [Gel] C:\WINDOWS\System32\Lpa.exe
O4 - HKLM\..\Run: [Sqh] C:\WINDOWS\Qiu.exe
O4 - HKLM\..\Run: [Eml] C:\WINDOWS\System32\Lhj.exe
O4 - HKLM\..\Run: [Cnb] C:\WINDOWS\Jld.exe
O4 - HKLM\..\Run: [Aln] C:\WINDOWS\System32\Msv.exe
O4 - HKLM\..\Run: [Fjm] C:\WINDOWS\Jkm.exe
O4 - HKLM\..\Run: [Pbh] C:\WINDOWS\System32\Kic.exe
O4 - HKLM\..\Run: [Suf] C:\WINDOWS\System32\Rcr.exe
O4 - HKLM\..\Run: [Rlf] C:\WINDOWS\System32\Gqj.exe
O4 - HKLM\..\Run: [Gdn] C:\WINDOWS\Dke.exe
O4 - HKLM\..\Run: [Ccj] C:\WINDOWS\System32\Tve.exe
O4 - HKLM\..\Run: [Bpf] C:\WINDOWS\Ugs.exe
O4 - HKLM\..\Run: [Lof] C:\WINDOWS\Fmh.exe
O4 - HKLM\..\Run: [Jtj] C:\WINDOWS\Nha.exe
O4 - HKLM\..\Run: [Vsg] C:\WINDOWS\System32\Mdp.exe
O4 - HKLM\..\Run: [Ufj] C:\WINDOWS\System32\Vme.exe
O4 - HKLM\..\Run: [Enl] C:\WINDOWS\Vtl.exe
O4 - HKLM\..\Run: [Hsp] C:\WINDOWS\Gvk.exe
O4 - HKLM\..\Run: [Glv] C:\WINDOWS\System32\Lec.exe
O4 - HKLM\..\Run: [Ogu] C:\WINDOWS\Sid.exe
O4 - HKLM\..\Run: [Nvq] C:\WINDOWS\Fli.exe
O4 - HKLM\..\Run: [Its] C:\WINDOWS\System32\Fuu.exe
O4 - HKLM\..\Run: [Vgh] C:\WINDOWS\System32\Qga.exe
O4 - HKLM\..\Run: [Ncv] C:\WINDOWS\Drh.exe
O4 - HKLM\..\Run: [Olr] C:\WINDOWS\System32\Khq.exe
O4 - HKLM\..\Run: [Dqq] C:\WINDOWS\Uph.exe
O4 - HKLM\..\Run: [Fcc] C:\WINDOWS\System32\Bvj.exe
O4 - HKLM\..\Run: [Uhu] C:\WINDOWS\Ppb.exe
O4 - HKLM\..\Run: [Sjp] C:\WINDOWS\System32\Lsq.exe
O4 - HKLM\..\Run: [Qpk] C:\WINDOWS\System32\Tch.exe
O4 - HKLM\..\Run: [Bdp] C:\WINDOWS\Nfk.exe
O4 - HKLM\..\Run: [Imo] C:\WINDOWS\System32\Lnc.exe
O4 - HKLM\..\Run: [Dkl] C:\WINDOWS\System32\Seu.exe
O4 - HKLM\..\Run: [Kus] C:\WINDOWS\System32\Slg.exe
O4 - HKLM\..\Run: [Msv] C:\WINDOWS\System32\Nfh.exe
O4 - HKLM\..\Run: [Jgk] C:\WINDOWS\Gbu.exe
O4 - HKLM\..\Run: [Gtd] C:\WINDOWS\System32\Gvr.exe
O4 - HKLM\..\Run: [Cqb] C:\WINDOWS\System32\Jih.exe
O4 - HKLM\..\Run: [Vpv] C:\WINDOWS\System32\Lol.exe
O4 - HKLM\..\Run: [Nme] C:\WINDOWS\System32\Hrr.exe
O4 - HKLM\..\Run: [Pfe] C:\WINDOWS\System32\Tmc.exe
O4 - HKLM\..\Run: [Gbv] C:\WINDOWS\Udq.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Malcolm\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [Kju] C:\WINDOWS\System32\Jub.exe
O4 - HKLM\..\Run: [Fsl] C:\WINDOWS\Fcj.exe
O4 - HKLM\..\Run: [Pqs] C:\WINDOWS\System32\Cbj.exe
O4 - HKLM\..\Run: [Vrg] C:\WINDOWS\System32\Rdc.exe
O4 - HKLM\..\Run: [Ubr] C:\WINDOWS\System32\Pre.exe
O4 - HKLM\..\Run: [Dnm] C:\WINDOWS\System32\Kge.exe
O4 - HKLM\..\Run: [Hup] C:\WINDOWS\Fha.exe
O4 - HKLM\..\Run: [Ikk] C:\WINDOWS\System32\Dru.exe
O4 - HKLM\..\Run: [Nov] C:\WINDOWS\System32\Ulr.exe
O4 - HKLM\..\Run: [Cll] C:\WINDOWS\Gfa.exe
O4 - HKLM\..\Run: [Nml] C:\WINDOWS\System32\Qde.exe
O4 - HKLM\..\Run: [For] C:\WINDOWS\System32\Kls.exe
O4 - HKLM\..\Run: [Vos] C:\WINDOWS\System32\Nke.exe
O4 - HKLM\..\Run: [And] C:\WINDOWS\Idc.exe
O4 - HKLM\..\Run: [Nso] C:\WINDOWS\System32\Bit.exe
O4 - HKLM\..\Run: [Umn] C:\WINDOWS\System32\Osk.exe
O4 - HKLM\..\Run: [Ggq] C:\WINDOWS\System32\Iif.exe
O4 - HKLM\..\Run: [Lhd] C:\WINDOWS\Kks.exe
O4 - HKLM\..\Run: [Rkh] C:\WINDOWS\Arb.exe
O4 - HKLM\..\Run: [Ffr] C:\WINDOWS\Hvr.exe
O4 - HKLM\..\Run: [Tqs] C:\WINDOWS\System32\Hgq.exe
O4 - HKLM\..\Run: [Dav] C:\WINDOWS\Nfb.exe
O4 - HKLM\..\Run: [Gla] C:\WINDOWS\System32\Cgf.exe
O4 - HKLM\..\Run: [Tki] C:\WINDOWS\System32\Cim.exe
O4 - HKLM\..\Run: [Vhp] C:\WINDOWS\Slt.exe
O4 - HKLM\..\Run: [Tnb] C:\WINDOWS\Pbi.exe
O4 - HKLM\..\Run: [Bda] C:\WINDOWS\Ndr.exe
O4 - HKLM\..\Run: [Dpq] C:\WINDOWS\Bbq.exe
O4 - HKLM\..\Run: [Djh] C:\WINDOWS\System32\Sgj.exe
O4 - HKLM\..\Run: [Gsn] C:\WINDOWS\System32\Een.exe
O4 - HKLM\..\Run: [Tkv] C:\WINDOWS\Miu.exe
O4 - HKLM\..\Run: [Ssh] C:\WINDOWS\Cdi.exe
O4 - HKLM\..\Run: [Gbc] C:\WINDOWS\System32\Nmv.exe
O4 - HKLM\..\Run: [Pnt] C:\WINDOWS\Khb.exe
O4 - HKLM\..\Run: [Nao] C:\WINDOWS\Caa.exe
O4 - HKLM\..\Run: [Ujq] C:\WINDOWS\System32\Hfr.exe
O4 - HKLM\..\Run: [Ebb] C:\WINDOWS\System32\Dfo.exe
O4 - HKLM\..\Run: [Rhn] C:\WINDOWS\Ose.exe
O4 - HKLM\..\Run: [Kmr] C:\WINDOWS\System32\Bbv.exe
O4 - HKLM\..\Run: [Qas] C:\WINDOWS\Mbs.exe
O4 - HKLM\..\Run: [Eqf] C:\WINDOWS\Khe.exe
O4 - HKLM\..\Run: [Ihg] C:\WINDOWS\System32\Hsa.exe
O4 - HKLM\..\Run: [Msq] C:\WINDOWS\Agm.exe
O4 - HKLM\..\Run: [Fqt] C:\WINDOWS\Gfj.exe
O4 - HKLM\..\Run: [Kjq] C:\WINDOWS\System32\Udb.exe
O4 - HKLM\..\Run: [Jha] C:\WINDOWS\Ght.exe
O4 - HKLM\..\Run: [Qlp] C:\WINDOWS\System32\Dpv.exe
O4 - HKLM\..\Run: [Ske] C:\WINDOWS\Hkc.exe
O4 - HKLM\..\Run: [Qlc] C:\WINDOWS\System32\Auv.exe
O4 - HKLM\..\Run: [Ckp] C:\WINDOWS\Cpu.exe
O4 - HKLM\..\Run: [Aai] C:\WINDOWS\Coo.exe
O4 - HKLM\..\Run: [Bjo] C:\WINDOWS\System32\Nvj.exe
O4 - HKLM\..\Run: [Fne] C:\WINDOWS\System32\Aru.exe
O4 - HKLM\..\Run: [Udu] C:\WINDOWS\System32\Gme.exe
O4 - HKLM\..\Run: [Oaa] C:\WINDOWS\System32\Jef.exe
O4 - HKLM\..\Run: [Qna] C:\WINDOWS\Qds.exe
O4 - HKLM\..\Run: [Bif] C:\WINDOWS\Jvj.exe
O4 - HKLM\..\Run: [Iqv] C:\WINDOWS\System32\Pcm.exe
O4 - HKLM\..\Run: [Jom] C:\WINDOWS\Eba.exe
O4 - HKLM\..\Run: [Tlt] C:\WINDOWS\System32\Fln.exe
O4 - HKLM\..\Run: [Nga] C:\WINDOWS\Dme.exe
O4 - HKLM\..\Run: [Qfm] C:\WINDOWS\System32\Dqf.exe
O4 - HKLM\..\Run: [Sfs] C:\WINDOWS\Qjv.exe
O4 - HKLM\..\Run: [Tmk] C:\WINDOWS\Fsg.exe
O4 - HKLM\..\Run: [Fbd] C:\WINDOWS\System32\Ddg.exe
O4 - HKLM\..\Run: [Elk] C:\WINDOWS\Ehs.exe
O4 - HKLM\..\Run: [Ags] C:\WINDOWS\Trm.exe
O4 - HKLM\..\Run: [Hmc] C:\WINDOWS\System32\Aip.exe
O4 - HKLM\..\Run: [Hke] C:\WINDOWS\System32\Ten.exe
O4 - HKLM\..\Run: [Ppi] C:\WINDOWS\System32\Oqn.exe
O4 - HKLM\..\Run: [Iii] C:\WINDOWS\System32\Hfr.exe
O4 - HKLM\..\Run: [Cfk] C:\WINDOWS\System32\Fef.exe
O4 - HKLM\..\Run: [Mst] C:\WINDOWS\Tbo.exe
O4 - HKLM\..\Run: [Clm] C:\WINDOWS\System32\Tud.exe
O4 - HKLM\..\Run: [Mvu] C:\WINDOWS\System32\Lal.exe
O4 - HKLM\..\Run: [Tnh] C:\WINDOWS\Uus.exe
O4 - HKLM\..\Run: [Iie] C:\WINDOWS\Rhf.exe
O4 - HKLM\..\Run: [Ino] C:\WINDOWS\System32\Lgo.exe
O4 - HKLM\..\Run: [Ppn] C:\WINDOWS\Cor.exe
O4 - HKLM\..\Run: [Mdt] C:\WINDOWS\Cgj.exe
O4 - HKLM\..\Run: [Kdl] C:\WINDOWS\Qne.exe
O4 - HKLM\..\Run: [Dgg] C:\WINDOWS\Eir.exe
O4 - HKLM\..\Run: [Udn] C:\WINDOWS\System32\Cao.exe
O4 - HKLM\..\Run: [Gjb] C:\WINDOWS\Ljn.exe
O4 - HKLM\..\Run: [Tif] C:\WINDOWS\System32\Osr.exe
O4 - HKLM\..\Run: [Qsr] C:\WINDOWS\System32\Hiv.exe
O4 - HKLM\..\Run: [Gik] C:\WINDOWS\Cvp.exe
O4 - HKLM\..\Run: [Gue] C:\WINDOWS\Njq.exe
O4 - HKLM\..\Run: [Bie] C:\WINDOWS\Bpl.exe
O4 - HKLM\..\Run: [Rfl] C:\WINDOWS\Sfs.exe
O4 - HKLM\..\Run: [Lfc] C:\WINDOWS\Mre.exe
O4 - HKLM\..\Run: [Gto] C:\WINDOWS\Oou.exe
O4 - HKLM\..\Run: [Hih] C:\WINDOWS\System32\Qnt.exe
O4 - HKLM\..\Run: [Tbu] C:\WINDOWS\Avb.exe
O4 - HKLM\..\Run: [Vrc] C:\WINDOWS\System32\Jta.exe
O4 - HKLM\..\Run: [Eqn] C:\WINDOWS\Jrv.exe
O4 - HKLM\..\Run: [Bnh] C:\WINDOWS\System32\Bik.exe
O4 - HKLM\..\Run: [Gij] C:\WINDOWS\Cne.exe
O4 - HKLM\..\Run: [Srf] C:\WINDOWS\System32\Ngb.exe
O4 - HKLM\..\Run: [Bfj] C:\WINDOWS\System32\Rsd.exe
O4 - HKLM\..\Run: [Dgf] C:\WINDOWS\Cst.exe
O4 - HKLM\..\Run: [Vba] C:\WINDOWS\Aap.exe
O4 - HKLM\..\Run: [Efh] C:\WINDOWS\Pvv.exe
O4 - HKLM\..\Run: [Idh] C:\WINDOWS\Hnm.exe
O4 - HKLM\..\Run: [Nla] C:\WINDOWS\Rln.exe
O4 - HKLM\..\Run: [Ssd] C:\WINDOWS\Lhf.exe
O4 - HKLM\..\Run: [Shj] C:\WINDOWS\Ieq.exe
O4 - HKLM\..\Run: [Ggu] C:\WINDOWS\System32\Goe.exe
O4 - HKLM\..\Run: [Hgh] C:\WINDOWS\System32\Uhh.exe
O4 - HKLM\..\Run: [Dhb] C:\WINDOWS\System32\Cjd.exe
O4 - HKLM\..\Run: [Jjb] C:\WINDOWS\Rcs.exe
O4 - HKLM\..\Run: [Bjp] C:\WINDOWS\Mog.exe
O4 - HKLM\..\Run: [Sbp] C:\WINDOWS\Vlk.exe
O4 - HKLM\..\Run: [Hoh] C:\WINDOWS\System32\Rqb.exe
O4 - HKLM\..\Run: [Nqs] C:\WINDOWS\System32\Uku.exe
O4 - HKLM\..\Run: [Lgg] C:\WINDOWS\System32\Vpl.exe
O4 - HKLM\..\Run: [Cvr] C:\WINDOWS\Tps.exe
O4 - HKLM\..\Run: [Flt] C:\WINDOWS\System32\Vco.exe
O4 - HKLM\..\Run: [Ufc] C:\WINDOWS\System32\Vla.exe
O4 - HKLM\..\Run: [Rri] C:\WINDOWS\Lco.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Fbt] C:\WINDOWS\System32\Onh.exe
O4 - HKCU\..\Run: [Gel] C:\WINDOWS\System32\Lpa.exe
O4 - HKCU\..\Run: [Sqh] C:\WINDOWS\Qiu.exe
O4 - HKCU\..\Run: [Eml] C:\WINDOWS\System32\Lhj.exe
O4 - HKCU\..\Run: [Cnb] C:\WINDOWS\Jld.exe
O4 - HKCU\..\Run: [Aln] C:\WINDOWS\System32\Msv.exe
O4 - HKCU\..\Run: [Fjm] C:\WINDOWS\Jkm.exe
O4 - HKCU\..\Run: [Pbh] C:\WINDOWS\System32\Kic.exe
O4 - HKCU\..\Run: [Suf] C:\WINDOWS\System32\Rcr.exe
O4 - HKCU\..\Run: [Rlf] C:\WINDOWS\System32\Gqj.exe
O4 - HKCU\..\Run: [Gdn] C:\WINDOWS\Dke.exe
O4 - HKCU\..\Run: [Ccj] C:\WINDOWS\System32\Tve.exe
O4 - HKCU\..\Run: [Bpf] C:\WINDOWS\Ugs.exe
O4 - HKCU\..\Run: [Lof] C:\WINDOWS\Fmh.exe
O4 - HKCU\..\Run: [Jtj] C:\WINDOWS\Nha.exe
O4 - HKCU\..\Run: [Vsg] C:\WINDOWS\System32\Mdp.exe
O4 - HKCU\..\Run: [Ufj] C:\WINDOWS\System32\Vme.exe
O4 - HKCU\..\Run: [Enl] C:\WINDOWS\Vtl.exe
O4 - HKCU\..\Run: [Hsp] C:\WINDOWS\Gvk.exe
O4 - HKCU\..\Run: [Glv] C:\WINDOWS\System32\Lec.exe
O4 - HKCU\..\Run: [Ogu] C:\WINDOWS\Sid.exe
O4 - HKCU\..\Run: [Nvq] C:\WINDOWS\Fli.exe
O4 - HKCU\..\Run: [Its] C:\WINDOWS\System32\Fuu.exe
O4 - HKCU\..\Run: [Vgh] C:\WINDOWS\System32\Qga.exe
O4 - HKCU\..\Run: [Ncv] C:\WINDOWS\Drh.exe
O4 - HKCU\..\Run: [Olr] C:\WINDOWS\System32\Khq.exe
O4 - HKCU\..\Run: [Dqq] C:\WINDOWS\Uph.exe
O4 - HKCU\..\Run: [Fcc] C:\WINDOWS\System32\Bvj.exe
O4 - HKCU\..\Run: [Uhu] C:\WINDOWS\Ppb.exe
O4 - HKCU\..\Run: [Sjp] C:\WINDOWS\System32\Lsq.exe
O4 - HKCU\..\Run: [Qpk] C:\WINDOWS\System32\Tch.exe
O4 - HKCU\..\Run: [Bdp] C:\WINDOWS\Nfk.exe
O4 - HKCU\..\Run: [Imo] C:\WINDOWS\System32\Lnc.exe
O4 - HKCU\..\Run: [Dkl] C:\WINDOWS\System32\Seu.exe
O4 - HKCU\..\Run: [Kus] C:\WINDOWS\System32\Slg.exe
O4 - HKCU\..\Run: [Msv] C:\WINDOWS\System32\Nfh.exe
O4 - HKCU\..\Run: [Jgk] C:\WINDOWS\Gbu.exe
O4 - HKCU\..\Run: [Gtd] C:\WINDOWS\System32\Gvr.exe
O4 - HKCU\..\Run: [Cqb] C:\WINDOWS\System32\Jih.exe
O4 - HKCU\..\Run: [Vpv] C:\WINDOWS\System32\Lol.exe
O4 - HKCU\..\Run: [Nme] C:\WINDOWS\System32\Hrr.exe
O4 - HKCU\..\Run: [Pfe] C:\WINDOWS\System32\Tmc.exe
O4 - HKCU\..\Run: [Gbv] C:\WINDOWS\Udq.exe
O4 - HKCU\..\Run: [Kju] C:\WINDOWS\System32\Jub.exe
O4 - HKCU\..\Run: [Fsl] C:\WINDOWS\Fcj.exe
O4 - HKCU\..\Run: [Pqs] C:\WINDOWS\System32\Cbj.exe
O4 - HKCU\..\Run: [Vrg] C:\WINDOWS\System32\Rdc.exe
O4 - HKCU\..\Run: [Ubr] C:\WINDOWS\System32\Pre.exe
O4 - HKCU\..\Run: [Dnm] C:\WINDOWS\System32\Kge.exe
O4 - HKCU\..\Run: [Hup] C:\WINDOWS\Fha.exe
O4 - HKCU\..\Run: [Ikk] C:\WINDOWS\System32\Dru.exe
O4 - HKCU\..\Run: [Nov] C:\WINDOWS\System32\Ulr.exe
O4 - HKCU\..\Run: [Cll] C:\WINDOWS\Gfa.exe
O4 - HKCU\..\Run: [Nml] C:\WINDOWS\System32\Qde.exe
O4 - HKCU\..\Run: [For] C:\WINDOWS\System32\Kls.exe
O4 - HKCU\..\Run: [Vos] C:\WINDOWS\System32\Nke.exe
O4 - HKCU\..\Run: [And] C:\WINDOWS\Idc.exe
O4 - HKCU\..\Run: [Nso] C:\WINDOWS\System32\Bit.exe
O4 - HKCU\..\Run: [Umn] C:\WINDOWS\System32\Osk.exe
O4 - HKCU\..\Run: [Ggq] C:\WINDOWS\System32\Iif.exe
O4 - HKCU\..\Run: [Lhd] C:\WINDOWS\Kks.exe
O4 - HKCU\..\Run: [Rkh] C:\WINDOWS\Arb.exe
O4 - HKCU\..\Run: [Ffr] C:\WINDOWS\Hvr.exe
O4 - HKCU\..\Run: [Tqs] C:\WINDOWS\System32\Hgq.exe
O4 - HKCU\..\Run: [Dav] C:\WINDOWS\Nfb.exe
O4 - HKCU\..\Run: [Gla] C:\WINDOWS\System32\Cgf.exe
O4 - HKCU\..\Run: [Tki] C:\WINDOWS\System32\Cim.exe
O4 - HKCU\..\Run: [Vhp] C:\WINDOWS\Slt.exe
O4 - HKCU\..\Run: [Tnb] C:\WINDOWS\Pbi.exe
O4 - HKCU\..\Run: [Bda] C:\WINDOWS\Ndr.exe
O4 - HKCU\..\Run: [Dpq] C:\WINDOWS\Bbq.exe
O4 - HKCU\..\Run: [Djh] C:\WINDOWS\System32\Sgj.exe
O4 - HKCU\..\Run: [Gsn] C:\WINDOWS\System32\Een.exe
O4 - HKCU\..\Run: [Tkv] C:\WINDOWS\Miu.exe
O4 - HKCU\..\Run: [Ssh] C:\WINDOWS\Cdi.exe
O4 - HKCU\..\Run: [Gbc] C:\WINDOWS\System32\Nmv.exe
O4 - HKCU\..\Run: [Pnt] C:\WINDOWS\Khb.exe
O4 - HKCU\..\Run: [Nao] C:\WINDOWS\Caa.exe
O4 - HKCU\..\Run: [Ujq] C:\WINDOWS\System32\Hfr.exe
O4 - HKCU\..\Run: [Ebb] C:\WINDOWS\System32\Dfo.exe
O4 - HKCU\..\Run: [Rhn] C:\WINDOWS\Ose.exe
O4 - HKCU\..\Run: [Kmr] C:\WINDOWS\System32\Bbv.exe
O4 - HKCU\..\Run: [Qas] C:\WINDOWS\Mbs.exe
O4 - HKCU\..\Run: [Eqf] C:\WINDOWS\Khe.exe
O4 - HKCU\..\Run: [Ihg] C:\WINDOWS\System32\Hsa.exe
O4 - HKCU\..\Run: [Msq] C:\WINDOWS\Agm.exe
O4 - HKCU\..\Run: [Fqt] C:\WINDOWS\Gfj.exe
O4 - HKCU\..\Run: [Kjq] C:\WINDOWS\System32\Udb.exe
O4 - HKCU\..\Run: [Jha] C:\WINDOWS\Ght.exe
O4 - HKCU\..\Run: [Qlp] C:\WINDOWS\System32\Dpv.exe
O4 - HKCU\..\Run: [Ske] C:\WINDOWS\Hkc.exe
O4 - HKCU\..\Run: [Qlc] C:\WINDOWS\System32\Auv.exe
O4 - HKCU\..\Run: [Ckp] C:\WINDOWS\Cpu.exe
O4 - HKCU\..\Run: [Aai] C:\WINDOWS\Coo.exe
O4 - HKCU\..\Run: [Bjo] C:\WINDOWS\System32\Nvj.exe
O4 - HKCU\..\Run: [Fne] C:\WINDOWS\System32\Aru.exe
O4 - HKCU\..\Run: [Udu] C:\WINDOWS\System32\Gme.exe
O4 - HKCU\..\Run: [Oaa] C:\WINDOWS\System32\Jef.exe
O4 - HKCU\..\Run: [Qna] C:\WINDOWS\Qds.exe
O4 - HKCU\..\Run: [Bif] C:\WINDOWS\Jvj.exe
O4 - HKCU\..\Run: [Iqv] C:\WINDOWS\System32\Pcm.exe
O4 - HKCU\..\Run: [Jom] C:\WINDOWS\Eba.exe
O4 - HKCU\..\Run: [Tlt] C:\WINDOWS\System32\Fln.exe
O4 - HKCU\..\Run: [Nga] C:\WINDOWS\Dme.exe
O4 - HKCU\..\Run: [Qfm] C:\WINDOWS\System32\Dqf.exe
O4 - HKCU\..\Run: [Sfs] C:\WINDOWS\Qjv.exe
O4 - HKCU\..\Run: [Tmk] C:\WINDOWS\Fsg.exe
O4 - HKCU\..\Run: [Fbd] C:\WINDOWS\System32\Ddg.exe
O4 - HKCU\..\Run: [Elk] C:\WINDOWS\Ehs.exe
O4 - HKCU\..\Run: [Ags] C:\WINDOWS\Trm.exe
O4 - HKCU\..\Run: [Hmc] C:\WINDOWS\System32\Aip.exe
O4 - HKCU\..\Run: [Hke] C:\WINDOWS\System32\Ten.exe
O4 - HKCU\..\Run: [Ppi] C:\WINDOWS\System32\Oqn.exe
O4 - HKCU\..\Run: [Iii] C:\WINDOWS\System32\Hfr.exe
O4 - HKCU\..\Run: [Cfk] C:\WINDOWS\System32\Fef.exe
O4 - HKCU\..\Run: [Mst] C:\WINDOWS\Tbo.exe
O4 - HKCU\..\Run: [Clm] C:\WINDOWS\System32\Tud.exe
O4 - HKCU\..\Run: [Mvu] C:\WINDOWS\System32\Lal.exe
O4 - HKCU\..\Run: [Tnh] C:\WINDOWS\Uus.exe
O4 - HKCU\..\Run: [Iie] C:\WINDOWS\Rhf.exe
O4 - HKCU\..\Run: [Ino] C:\WINDOWS\System32\Lgo.exe
O4 - HKCU\..\Run: [Ppn] C:\WINDOWS\Cor.exe
O4 - HKCU\..\Run: [Mdt] C:\WINDOWS\Cgj.exe
O4 - HKCU\..\Run: [Kdl] C:\WINDOWS\Qne.exe
O4 - HKCU\..\Run: [Dgg] C:\WINDOWS\Eir.exe
O4 - HKCU\..\Run: [Udn] C:\WINDOWS\System32\Cao.exe
O4 - HKCU\..\Run: [Gjb] C:\WINDOWS\Ljn.exe
O4 - HKCU\..\Run: [Gik] C:\WINDOWS\Cvp.exe
O4 - HKCU\..\Run: [Rfl] C:\WINDOWS\Sfs.exe
O4 - HKCU\..\Run: [Lfc] C:\WINDOWS\Mre.exe
O4 - HKCU\..\Run: [Gto] C:\WINDOWS\Oou.exe
O4 - HKCU\..\Run: [Hih] C:\WINDOWS\System32\Qnt.exe
O4 - HKCU\..\Run: [Tbu] C:\WINDOWS\Avb.exe
O4 - HKCU\..\Run: [Vrc] C:\WINDOWS\System32\Jta.exe
O4 - HKCU\..\Run: [Eqn] C:\WINDOWS\Jrv.exe
O4 - HKCU\..\Run: [Bnh] C:\WINDOWS\System32\Bik.exe
O4 - HKCU\..\Run: [Gij] C:\WINDOWS\Cne.exe
O4 - HKCU\..\Run: [Srf] C:\WINDOWS\System32\Ngb.exe
O4 - HKCU\..\Run: [Bfj] C:\WINDOWS\System32\Rsd.exe
O4 - HKCU\..\Run: [Dgf] C:\WINDOWS\Cst.exe
O4 - HKCU\..\Run: [Vba] C:\WINDOWS\Aap.exe
O4 - HKCU\..\Run: [Efh] C:\WINDOWS\Pvv.exe
O4 - HKCU\..\Run: [Idh] C:\WINDOWS\Hnm.exe
O4 - HKCU\..\Run: [Nla] C:\WINDOWS\Rln.exe
O4 - HKCU\..\Run: [Ssd] C:\WINDOWS\Lhf.exe
O4 - HKCU\..\Run: [Shj] C:\WINDOWS\Ieq.exe
O4 - HKCU\..\Run: [Ggu] C:\WINDOWS\System32\Goe.exe
O4 - HKCU\..\Run: [Hgh] C:\WINDOWS\System32\Uhh.exe
O4 - HKCU\..\Run: [Dhb] C:\WINDOWS\System32\Cjd.exe
O4 - HKCU\..\Run: [Jjb] C:\WINDOWS\Rcs.exe
O4 - HKCU\..\Run: [Bjp] C:\WINDOWS\Mog.exe
O4 - HKCU\..\Run: [Sbp] C:\WINDOWS\Vlk.exe
O4 - HKCU\..\Run: [Hoh] C:\WINDOWS\System32\Rqb.exe
O4 - HKCU\..\Run: [Nqs] C:\WINDOWS\System32\Uku.exe
O4 - HKCU\..\Run: [Lgg] C:\WINDOWS\System32\Vpl.exe
O4 - HKCU\..\Run: [Cvr] C:\WINDOWS\Tps.exe
O4 - HKCU\..\Run: [Flt] C:\WINDOWS\System32\Vco.exe
O4 - HKCU\..\Run: [Ufc] C:\WINDOWS\System32\Vla.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Rri] C:\WINDOWS\Lco.exe
O4 - Startup: winupdate98589498[1].exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Microsoft AntiSpyware helper - {27A832DF-427D-4430-A49A-C44E0C0FD700} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {27A832DF-427D-4430-A49A-C44E0C0FD700} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {42BDDD12-298E-4E1B-B2BE-B94538C1ACE4} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {42BDDD12-298E-4E1B-B2BE-B94538C1ACE4} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5B4369AA-7F04-48C4-A9CF-A4C7644DE837} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5B4369AA-7F04-48C4-A9CF-A4C7644DE837} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5FC6A6CE-8DA1-48A5-BC56-AB121C623454} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5FC6A6CE-8DA1-48A5-BC56-AB121C623454} - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe


#2
coachwife6

  • SuperStar
  • Retired Staff
  • 11,413 posts
Hey CI. Welcome to GTG. ;)

You cut off the top of your log. I need to see that to start working on it. :tazz:

#3
CrazyIvan

  • Topic Starter
  • Member
  • 11 posts
Apologies.

Logfile of HijackThis v1.99.1
Scan saved at 11:09:08 AM, on 3/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

#4
coachwife6

  • SuperStar
  • Retired Staff
  • 11,413 posts
Please post the entire log putting the top part and the bottom part together. Thanks.

#5
CrazyIvan

  • Topic Starter
  • Member
  • 11 posts
Logfile of HijackThis v1.99.1
Scan saved at 2:43:10 PM, on 3/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\Usb.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Malcolm\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Malcolm\Application Data\Mozilla\Profiles\default\t2weqogf.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Tcp] C:\WINDOWS\Usb.exe
O4 - HKLM\..\Run: [Kll] C:\WINDOWS\Spo.exe
O4 - HKLM\..\Run: [Cbc] C:\WINDOWS\System32\Dil.exe
O4 - HKLM\..\Run: [Itm] C:\WINDOWS\System32\Rdn.exe
O4 - HKLM\..\Run: [Kkr] C:\WINDOWS\System32\Gaa.exe
O4 - HKLM\..\Run: [Lqi] C:\WINDOWS\Cig.exe
O4 - HKLM\..\Run: [Cva] C:\WINDOWS\Nlu.exe
O4 - HKLM\..\Run: [Iap] C:\WINDOWS\System32\Dmj.exe
O4 - HKLM\..\Run: [Fbt] C:\WINDOWS\System32\Onh.exe
O4 - HKLM\..\Run: [Gel] C:\WINDOWS\System32\Lpa.exe
O4 - HKLM\..\Run: [Sqh] C:\WINDOWS\Qiu.exe
O4 - HKLM\..\Run: [Eml] C:\WINDOWS\System32\Lhj.exe
O4 - HKLM\..\Run: [Cnb] C:\WINDOWS\Jld.exe
O4 - HKLM\..\Run: [Aln] C:\WINDOWS\System32\Msv.exe
O4 - HKLM\..\Run: [Fjm] C:\WINDOWS\Jkm.exe
O4 - HKLM\..\Run: [Pbh] C:\WINDOWS\System32\Kic.exe
O4 - HKLM\..\Run: [Suf] C:\WINDOWS\System32\Rcr.exe
O4 - HKLM\..\Run: [Rlf] C:\WINDOWS\System32\Gqj.exe
O4 - HKLM\..\Run: [Gdn] C:\WINDOWS\Dke.exe
O4 - HKLM\..\Run: [Ccj] C:\WINDOWS\System32\Tve.exe
O4 - HKLM\..\Run: [Bpf] C:\WINDOWS\Ugs.exe
O4 - HKLM\..\Run: [Lof] C:\WINDOWS\Fmh.exe
O4 - HKLM\..\Run: [Jtj] C:\WINDOWS\Nha.exe
O4 - HKLM\..\Run: [Vsg] C:\WINDOWS\System32\Mdp.exe
O4 - HKLM\..\Run: [Ufj] C:\WINDOWS\System32\Vme.exe
O4 - HKLM\..\Run: [Enl] C:\WINDOWS\Vtl.exe
O4 - HKLM\..\Run: [Hsp] C:\WINDOWS\Gvk.exe
O4 - HKLM\..\Run: [Glv] C:\WINDOWS\System32\Lec.exe
O4 - HKLM\..\Run: [Ogu] C:\WINDOWS\Sid.exe
O4 - HKLM\..\Run: [Nvq] C:\WINDOWS\Fli.exe
O4 - HKLM\..\Run: [Its] C:\WINDOWS\System32\Fuu.exe
O4 - HKLM\..\Run: [Vgh] C:\WINDOWS\System32\Qga.exe
O4 - HKLM\..\Run: [Ncv] C:\WINDOWS\Drh.exe
O4 - HKLM\..\Run: [Olr] C:\WINDOWS\System32\Khq.exe
O4 - HKLM\..\Run: [Dqq] C:\WINDOWS\Uph.exe
O4 - HKLM\..\Run: [Fcc] C:\WINDOWS\System32\Bvj.exe
O4 - HKLM\..\Run: [Uhu] C:\WINDOWS\Ppb.exe
O4 - HKLM\..\Run: [Sjp] C:\WINDOWS\System32\Lsq.exe
O4 - HKLM\..\Run: [Qpk] C:\WINDOWS\System32\Tch.exe
O4 - HKLM\..\Run: [Bdp] C:\WINDOWS\Nfk.exe
O4 - HKLM\..\Run: [Imo] C:\WINDOWS\System32\Lnc.exe
O4 - HKLM\..\Run: [Dkl] C:\WINDOWS\System32\Seu.exe
O4 - HKLM\..\Run: [Kus] C:\WINDOWS\System32\Slg.exe
O4 - HKLM\..\Run: [Msv] C:\WINDOWS\System32\Nfh.exe
O4 - HKLM\..\Run: [Jgk] C:\WINDOWS\Gbu.exe
O4 - HKLM\..\Run: [Gtd] C:\WINDOWS\System32\Gvr.exe
O4 - HKLM\..\Run: [Cqb] C:\WINDOWS\System32\Jih.exe
O4 - HKLM\..\Run: [Vpv] C:\WINDOWS\System32\Lol.exe
O4 - HKLM\..\Run: [Nme] C:\WINDOWS\System32\Hrr.exe
O4 - HKLM\..\Run: [Pfe] C:\WINDOWS\System32\Tmc.exe
O4 - HKLM\..\Run: [Gbv] C:\WINDOWS\Udq.exe
O4 - HKLM\..\Run: [Kju] C:\WINDOWS\System32\Jub.exe
O4 - HKLM\..\Run: [Fsl] C:\WINDOWS\Fcj.exe
O4 - HKLM\..\Run: [Pqs] C:\WINDOWS\System32\Cbj.exe
O4 - HKLM\..\Run: [Vrg] C:\WINDOWS\System32\Rdc.exe
O4 - HKLM\..\Run: [Ubr] C:\WINDOWS\System32\Pre.exe
O4 - HKLM\..\Run: [Dnm] C:\WINDOWS\System32\Kge.exe
O4 - HKLM\..\Run: [Hup] C:\WINDOWS\Fha.exe
O4 - HKLM\..\Run: [Ikk] C:\WINDOWS\System32\Dru.exe
O4 - HKLM\..\Run: [Nov] C:\WINDOWS\System32\Ulr.exe
O4 - HKLM\..\Run: [Cll] C:\WINDOWS\Gfa.exe
O4 - HKLM\..\Run: [Nml] C:\WINDOWS\System32\Qde.exe
O4 - HKLM\..\Run: [For] C:\WINDOWS\System32\Kls.exe
O4 - HKLM\..\Run: [Vos] C:\WINDOWS\System32\Nke.exe
O4 - HKLM\..\Run: [And] C:\WINDOWS\Idc.exe
O4 - HKLM\..\Run: [Nso] C:\WINDOWS\System32\Bit.exe
O4 - HKLM\..\Run: [Umn] C:\WINDOWS\System32\Osk.exe
O4 - HKLM\..\Run: [Ggq] C:\WINDOWS\System32\Iif.exe
O4 - HKLM\..\Run: [Lhd] C:\WINDOWS\Kks.exe
O4 - HKLM\..\Run: [Rkh] C:\WINDOWS\Arb.exe
O4 - HKLM\..\Run: [Ffr] C:\WINDOWS\Hvr.exe
O4 - HKLM\..\Run: [Tqs] C:\WINDOWS\System32\Hgq.exe
O4 - HKLM\..\Run: [Dav] C:\WINDOWS\Nfb.exe
O4 - HKLM\..\Run: [Gla] C:\WINDOWS\System32\Cgf.exe
O4 - HKLM\..\Run: [Tki] C:\WINDOWS\System32\Cim.exe
O4 - HKLM\..\Run: [Vhp] C:\WINDOWS\Slt.exe
O4 - HKLM\..\Run: [Tnb] C:\WINDOWS\Pbi.exe
O4 - HKLM\..\Run: [Bda] C:\WINDOWS\Ndr.exe
O4 - HKLM\..\Run: [Dpq] C:\WINDOWS\Bbq.exe
O4 - HKLM\..\Run: [Djh] C:\WINDOWS\System32\Sgj.exe
O4 - HKLM\..\Run: [Gsn] C:\WINDOWS\System32\Een.exe
O4 - HKLM\..\Run: [Tkv] C:\WINDOWS\Miu.exe
O4 - HKLM\..\Run: [Ssh] C:\WINDOWS\Cdi.exe
O4 - HKLM\..\Run: [Gbc] C:\WINDOWS\System32\Nmv.exe
O4 - HKLM\..\Run: [Pnt] C:\WINDOWS\Khb.exe
O4 - HKLM\..\Run: [Nao] C:\WINDOWS\Caa.exe
O4 - HKLM\..\Run: [Ujq] C:\WINDOWS\System32\Hfr.exe
O4 - HKLM\..\Run: [Ebb] C:\WINDOWS\System32\Dfo.exe
O4 - HKLM\..\Run: [Rhn] C:\WINDOWS\Ose.exe
O4 - HKLM\..\Run: [Kmr] C:\WINDOWS\System32\Bbv.exe
O4 - HKLM\..\Run: [Qas] C:\WINDOWS\Mbs.exe
O4 - HKLM\..\Run: [Eqf] C:\WINDOWS\Khe.exe
O4 - HKLM\..\Run: [Ihg] C:\WINDOWS\System32\Hsa.exe
O4 - HKLM\..\Run: [Msq] C:\WINDOWS\Agm.exe
O4 - HKLM\..\Run: [Fqt] C:\WINDOWS\Gfj.exe
O4 - HKLM\..\Run: [Kjq] C:\WINDOWS\System32\Udb.exe
O4 - HKLM\..\Run: [Jha] C:\WINDOWS\Ght.exe
O4 - HKLM\..\Run: [Qlp] C:\WINDOWS\System32\Dpv.exe
O4 - HKLM\..\Run: [Ske] C:\WINDOWS\Hkc.exe
O4 - HKLM\..\Run: [Qlc] C:\WINDOWS\System32\Auv.exe
O4 - HKLM\..\Run: [Ckp] C:\WINDOWS\Cpu.exe
O4 - HKLM\..\Run: [Aai] C:\WINDOWS\Coo.exe
O4 - HKLM\..\Run: [Bjo] C:\WINDOWS\System32\Nvj.exe
O4 - HKLM\..\Run: [Fne] C:\WINDOWS\System32\Aru.exe
O4 - HKLM\..\Run: [Udu] C:\WINDOWS\System32\Gme.exe
O4 - HKLM\..\Run: [Oaa] C:\WINDOWS\System32\Jef.exe
O4 - HKLM\..\Run: [Qna] C:\WINDOWS\Qds.exe
O4 - HKLM\..\Run: [Bif] C:\WINDOWS\Jvj.exe
O4 - HKLM\..\Run: [Iqv] C:\WINDOWS\System32\Pcm.exe
O4 - HKLM\..\Run: [Jom] C:\WINDOWS\Eba.exe
O4 - HKLM\..\Run: [Tlt] C:\WINDOWS\System32\Fln.exe
O4 - HKLM\..\Run: [Nga] C:\WINDOWS\Dme.exe
O4 - HKLM\..\Run: [Qfm] C:\WINDOWS\System32\Dqf.exe
O4 - HKLM\..\Run: [Sfs] C:\WINDOWS\Qjv.exe
O4 - HKLM\..\Run: [Fbd] C:\WINDOWS\System32\Ddg.exe
O4 - HKLM\..\Run: [Elk] C:\WINDOWS\Ehs.exe
O4 - HKLM\..\Run: [Ags] C:\WINDOWS\Trm.exe
O4 - HKLM\..\Run: [Hmc] C:\WINDOWS\System32\Aip.exe
O4 - HKLM\..\Run: [Hke] C:\WINDOWS\System32\Ten.exe
O4 - HKLM\..\Run: [Ppi] C:\WINDOWS\System32\Oqn.exe
O4 - HKLM\..\Run: [Iii] C:\WINDOWS\System32\Hfr.exe
O4 - HKLM\..\Run: [Cfk] C:\WINDOWS\System32\Fef.exe
O4 - HKLM\..\Run: [Mst] C:\WINDOWS\Tbo.exe
O4 - HKLM\..\Run: [Clm] C:\WINDOWS\System32\Tud.exe
O4 - HKLM\..\Run: [Mvu] C:\WINDOWS\System32\Lal.exe
O4 - HKLM\..\Run: [Tnh] C:\WINDOWS\Uus.exe
O4 - HKLM\..\Run: [Iie] C:\WINDOWS\Rhf.exe
O4 - HKLM\..\Run: [Ino] C:\WINDOWS\System32\Lgo.exe
O4 - HKLM\..\Run: [Ppn] C:\WINDOWS\Cor.exe
O4 - HKLM\..\Run: [Mdt] C:\WINDOWS\Cgj.exe
O4 - HKLM\..\Run: [Kdl] C:\WINDOWS\Qne.exe
O4 - HKLM\..\Run: [Dgg] C:\WINDOWS\Eir.exe
O4 - HKLM\..\Run: [Udn] C:\WINDOWS\System32\Cao.exe
O4 - HKLM\..\Run: [Gjb] C:\WINDOWS\Ljn.exe
O4 - HKLM\..\Run: [Tif] C:\WINDOWS\System32\Osr.exe
O4 - HKLM\..\Run: [Qsr] C:\WINDOWS\System32\Hiv.exe
O4 - HKLM\..\Run: [Gik] C:\WINDOWS\Cvp.exe
O4 - HKLM\..\Run: [Gue] C:\WINDOWS\Njq.exe
O4 - HKLM\..\Run: [Rfl] C:\WINDOWS\Sfs.exe
O4 - HKLM\..\Run: [Lfc] C:\WINDOWS\Mre.exe
O4 - HKLM\..\Run: [Gto] C:\WINDOWS\Oou.exe
O4 - HKLM\..\Run: [Hih] C:\WINDOWS\System32\Qnt.exe
O4 - HKLM\..\Run: [Tbu] C:\WINDOWS\Avb.exe
O4 - HKLM\..\Run: [Vrc] C:\WINDOWS\System32\Jta.exe
O4 - HKLM\..\Run: [Eqn] C:\WINDOWS\Jrv.exe
O4 - HKLM\..\Run: [Bnh] C:\WINDOWS\System32\Bik.exe
O4 - HKLM\..\Run: [Gij] C:\WINDOWS\Cne.exe
O4 - HKLM\..\Run: [Srf] C:\WINDOWS\System32\Ngb.exe
O4 - HKLM\..\Run: [Bfj] C:\WINDOWS\System32\Rsd.exe
O4 - HKLM\..\Run: [Dgf] C:\WINDOWS\Cst.exe
O4 - HKLM\..\Run: [Vba] C:\WINDOWS\Aap.exe
O4 - HKLM\..\Run: [Efh] C:\WINDOWS\Pvv.exe
O4 - HKLM\..\Run: [Idh] C:\WINDOWS\Hnm.exe
O4 - HKLM\..\Run: [Nla] C:\WINDOWS\Rln.exe
O4 - HKLM\..\Run: [Ssd] C:\WINDOWS\Lhf.exe
O4 - HKLM\..\Run: [Shj] C:\WINDOWS\Ieq.exe
O4 - HKLM\..\Run: [Ggu] C:\WINDOWS\System32\Goe.exe
O4 - HKLM\..\Run: [Hgh] C:\WINDOWS\System32\Uhh.exe
O4 - HKLM\..\Run: [Dhb] C:\WINDOWS\System32\Cjd.exe
O4 - HKLM\..\Run: [Jjb] C:\WINDOWS\Rcs.exe
O4 - HKLM\..\Run: [Bjp] C:\WINDOWS\Mog.exe
O4 - HKLM\..\Run: [Sbp] C:\WINDOWS\Vlk.exe
O4 - HKLM\..\Run: [Hoh] C:\WINDOWS\System32\Rqb.exe
O4 - HKLM\..\Run: [Nqs] C:\WINDOWS\System32\Uku.exe
O4 - HKLM\..\Run: [Lgg] C:\WINDOWS\System32\Vpl.exe
O4 - HKLM\..\Run: [Cvr] C:\WINDOWS\Tps.exe
O4 - HKLM\..\Run: [Flt] C:\WINDOWS\System32\Vco.exe
O4 - HKLM\..\Run: [Ufc] C:\WINDOWS\System32\Vla.exe
O4 - HKLM\..\Run: [Rri] C:\WINDOWS\Lco.exe
O4 - HKLM\..\Run: [Jrh] C:\WINDOWS\System32\Hap.exe
O4 - HKLM\..\Run: [Rjt] C:\WINDOWS\System32\Ius.exe
O4 - HKLM\..\Run: [Cuu] C:\WINDOWS\Rjk.exe
O4 - HKLM\..\Run: [Pmq] C:\WINDOWS\Vlh.exe
O4 - HKLM\..\Run: [Ltb] C:\WINDOWS\System32\Cca.exe
O4 - HKLM\..\Run: [Pgr] C:\WINDOWS\Iml.exe
O4 - HKLM\..\Run: [Ojn] C:\WINDOWS\System32\Rmg.exe
O4 - HKLM\..\Run: [Cdg] C:\WINDOWS\Rgc.exe
O4 - HKLM\..\Run: [Jau] C:\WINDOWS\Vqt.exe
O4 - HKLM\..\Run: [Mpj] C:\WINDOWS\Nuc.exe
O4 - HKLM\..\Run: [Dkt] C:\WINDOWS\Rtd.exe
O4 - HKLM\..\Run: [Uhe] C:\WINDOWS\Qjj.exe
O4 - HKLM\..\Run: [Dnq] C:\WINDOWS\Gnr.exe
O4 - HKLM\..\Run: [Mui] C:\WINDOWS\System32\Bmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Fbt] C:\WINDOWS\System32\Onh.exe
O4 - HKCU\..\Run: [Gel] C:\WINDOWS\System32\Lpa.exe
O4 - HKCU\..\Run: [Sqh] C:\WINDOWS\Qiu.exe
O4 - HKCU\..\Run: [Eml] C:\WINDOWS\System32\Lhj.exe
O4 - HKCU\..\Run: [Cnb] C:\WINDOWS\Jld.exe
O4 - HKCU\..\Run: [Aln] C:\WINDOWS\System32\Msv.exe
O4 - HKCU\..\Run: [Fjm] C:\WINDOWS\Jkm.exe
O4 - HKCU\..\Run: [Pbh] C:\WINDOWS\System32\Kic.exe
O4 - HKCU\..\Run: [Suf] C:\WINDOWS\System32\Rcr.exe
O4 - HKCU\..\Run: [Rlf] C:\WINDOWS\System32\Gqj.exe
O4 - HKCU\..\Run: [Gdn] C:\WINDOWS\Dke.exe
O4 - HKCU\..\Run: [Ccj] C:\WINDOWS\System32\Tve.exe
O4 - HKCU\..\Run: [Bpf] C:\WINDOWS\Ugs.exe
O4 - HKCU\..\Run: [Lof] C:\WINDOWS\Fmh.exe
O4 - HKCU\..\Run: [Jtj] C:\WINDOWS\Nha.exe
O4 - HKCU\..\Run: [Vsg] C:\WINDOWS\System32\Mdp.exe
O4 - HKCU\..\Run: [Ufj] C:\WINDOWS\System32\Vme.exe
O4 - HKCU\..\Run: [Enl] C:\WINDOWS\Vtl.exe
O4 - HKCU\..\Run: [Hsp] C:\WINDOWS\Gvk.exe
O4 - HKCU\..\Run: [Glv] C:\WINDOWS\System32\Lec.exe
O4 - HKCU\..\Run: [Ogu] C:\WINDOWS\Sid.exe
O4 - HKCU\..\Run: [Nvq] C:\WINDOWS\Fli.exe
O4 - HKCU\..\Run: [Its] C:\WINDOWS\System32\Fuu.exe
O4 - HKCU\..\Run: [Vgh] C:\WINDOWS\System32\Qga.exe
O4 - HKCU\..\Run: [Ncv] C:\WINDOWS\Drh.exe
O4 - HKCU\..\Run: [Olr] C:\WINDOWS\System32\Khq.exe
O4 - HKCU\..\Run: [Dqq] C:\WINDOWS\Uph.exe
O4 - HKCU\..\Run: [Fcc] C:\WINDOWS\System32\Bvj.exe
O4 - HKCU\..\Run: [Uhu] C:\WINDOWS\Ppb.exe
O4 - HKCU\..\Run: [Sjp] C:\WINDOWS\System32\Lsq.exe
O4 - HKCU\..\Run: [Qpk] C:\WINDOWS\System32\Tch.exe
O4 - HKCU\..\Run: [Bdp] C:\WINDOWS\Nfk.exe
O4 - HKCU\..\Run: [Imo] C:\WINDOWS\System32\Lnc.exe
O4 - HKCU\..\Run: [Dkl] C:\WINDOWS\System32\Seu.exe
O4 - HKCU\..\Run: [Kus] C:\WINDOWS\System32\Slg.exe
O4 - HKCU\..\Run: [Msv] C:\WINDOWS\System32\Nfh.exe
O4 - HKCU\..\Run: [Jgk] C:\WINDOWS\Gbu.exe
O4 - HKCU\..\Run: [Gtd] C:\WINDOWS\System32\Gvr.exe
O4 - HKCU\..\Run: [Cqb] C:\WINDOWS\System32\Jih.exe
O4 - HKCU\..\Run: [Vpv] C:\WINDOWS\System32\Lol.exe
O4 - HKCU\..\Run: [Nme] C:\WINDOWS\System32\Hrr.exe
O4 - HKCU\..\Run: [Pfe] C:\WINDOWS\System32\Tmc.exe
O4 - HKCU\..\Run: [Gbv] C:\WINDOWS\Udq.exe
O4 - HKCU\..\Run: [Kju] C:\WINDOWS\System32\Jub.exe
O4 - HKCU\..\Run: [Fsl] C:\WINDOWS\Fcj.exe
O4 - HKCU\..\Run: [Pqs] C:\WINDOWS\System32\Cbj.exe
O4 - HKCU\..\Run: [Vrg] C:\WINDOWS\System32\Rdc.exe
O4 - HKCU\..\Run: [Ubr] C:\WINDOWS\System32\Pre.exe
O4 - HKCU\..\Run: [Dnm] C:\WINDOWS\System32\Kge.exe
O4 - HKCU\..\Run: [Hup] C:\WINDOWS\Fha.exe
O4 - HKCU\..\Run: [Ikk] C:\WINDOWS\System32\Dru.exe
O4 - HKCU\..\Run: [Nov] C:\WINDOWS\System32\Ulr.exe
O4 - HKCU\..\Run: [Cll] C:\WINDOWS\Gfa.exe
O4 - HKCU\..\Run: [Nml] C:\WINDOWS\System32\Qde.exe
O4 - HKCU\..\Run: [For] C:\WINDOWS\System32\Kls.exe
O4 - HKCU\..\Run: [Vos] C:\WINDOWS\System32\Nke.exe
O4 - HKCU\..\Run: [And] C:\WINDOWS\Idc.exe
O4 - HKCU\..\Run: [Nso] C:\WINDOWS\System32\Bit.exe
O4 - HKCU\..\Run: [Umn] C:\WINDOWS\System32\Osk.exe
O4 - HKCU\..\Run: [Ggq] C:\WINDOWS\System32\Iif.exe
O4 - HKCU\..\Run: [Lhd] C:\WINDOWS\Kks.exe
O4 - HKCU\..\Run: [Rkh] C:\WINDOWS\Arb.exe
O4 - HKCU\..\Run: [Ffr] C:\WINDOWS\Hvr.exe
O4 - HKCU\..\Run: [Tqs] C:\WINDOWS\System32\Hgq.exe
O4 - HKCU\..\Run: [Dav] C:\WINDOWS\Nfb.exe
O4 - HKCU\..\Run: [Gla] C:\WINDOWS\System32\Cgf.exe
O4 - HKCU\..\Run: [Tki] C:\WINDOWS\System32\Cim.exe
O4 - HKCU\..\Run: [Vhp] C:\WINDOWS\Slt.exe
O4 - HKCU\..\Run: [Tnb] C:\WINDOWS\Pbi.exe
O4 - HKCU\..\Run: [Bda] C:\WINDOWS\Ndr.exe
O4 - HKCU\..\Run: [Dpq] C:\WINDOWS\Bbq.exe
O4 - HKCU\..\Run: [Djh] C:\WINDOWS\System32\Sgj.exe
O4 - HKCU\..\Run: [Gsn] C:\WINDOWS\System32\Een.exe
O4 - HKCU\..\Run: [Tkv] C:\WINDOWS\Miu.exe
O4 - HKCU\..\Run: [Ssh] C:\WINDOWS\Cdi.exe
O4 - HKCU\..\Run: [Gbc] C:\WINDOWS\System32\Nmv.exe
O4 - HKCU\..\Run: [Pnt] C:\WINDOWS\Khb.exe
O4 - HKCU\..\Run: [Nao] C:\WINDOWS\Caa.exe
O4 - HKCU\..\Run: [Ujq] C:\WINDOWS\System32\Hfr.exe
O4 - HKCU\..\Run: [Ebb] C:\WINDOWS\System32\Dfo.exe
O4 - HKCU\..\Run: [Rhn] C:\WINDOWS\Ose.exe
O4 - HKCU\..\Run: [Kmr] C:\WINDOWS\System32\Bbv.exe
O4 - HKCU\..\Run: [Qas] C:\WINDOWS\Mbs.exe
O4 - HKCU\..\Run: [Eqf] C:\WINDOWS\Khe.exe
O4 - HKCU\..\Run: [Ihg] C:\WINDOWS\System32\Hsa.exe
O4 - HKCU\..\Run: [Msq] C:\WINDOWS\Agm.exe
O4 - HKCU\..\Run: [Fqt] C:\WINDOWS\Gfj.exe
O4 - HKCU\..\Run: [Kjq] C:\WINDOWS\System32\Udb.exe
O4 - HKCU\..\Run: [Jha] C:\WINDOWS\Ght.exe
O4 - HKCU\..\Run: [Qlp] C:\WINDOWS\System32\Dpv.exe
O4 - HKCU\..\Run: [Ske] C:\WINDOWS\Hkc.exe
O4 - HKCU\..\Run: [Qlc] C:\WINDOWS\System32\Auv.exe
O4 - HKCU\..\Run: [Ckp] C:\WINDOWS\Cpu.exe
O4 - HKCU\..\Run: [Aai] C:\WINDOWS\Coo.exe
O4 - HKCU\..\Run: [Bjo] C:\WINDOWS\System32\Nvj.exe
O4 - HKCU\..\Run: [Fne] C:\WINDOWS\System32\Aru.exe
O4 - HKCU\..\Run: [Udu] C:\WINDOWS\System32\Gme.exe
O4 - HKCU\..\Run: [Oaa] C:\WINDOWS\System32\Jef.exe
O4 - HKCU\..\Run: [Qna] C:\WINDOWS\Qds.exe
O4 - HKCU\..\Run: [Bif] C:\WINDOWS\Jvj.exe
O4 - HKCU\..\Run: [Iqv] C:\WINDOWS\System32\Pcm.exe
O4 - HKCU\..\Run: [Jom] C:\WINDOWS\Eba.exe
O4 - HKCU\..\Run: [Tlt] C:\WINDOWS\System32\Fln.exe
O4 - HKCU\..\Run: [Nga] C:\WINDOWS\Dme.exe
O4 - HKCU\..\Run: [Qfm] C:\WINDOWS\System32\Dqf.exe
O4 - HKCU\..\Run: [Sfs] C:\WINDOWS\Qjv.exe
O4 - HKCU\..\Run: [Fbd] C:\WINDOWS\System32\Ddg.exe
O4 - HKCU\..\Run: [Elk] C:\WINDOWS\Ehs.exe
O4 - HKCU\..\Run: [Ags] C:\WINDOWS\Trm.exe
O4 - HKCU\..\Run: [Hmc] C:\WINDOWS\System32\Aip.exe
O4 - HKCU\..\Run: [Hke] C:\WINDOWS\System32\Ten.exe
O4 - HKCU\..\Run: [Ppi] C:\WINDOWS\System32\Oqn.exe
O4 - HKCU\..\Run: [Iii] C:\WINDOWS\System32\Hfr.exe
O4 - HKCU\..\Run: [Cfk] C:\WINDOWS\System32\Fef.exe
O4 - HKCU\..\Run: [Mst] C:\WINDOWS\Tbo.exe
O4 - HKCU\..\Run: [Clm] C:\WINDOWS\System32\Tud.exe
O4 - HKCU\..\Run: [Mvu] C:\WINDOWS\System32\Lal.exe
O4 - HKCU\..\Run: [Tnh] C:\WINDOWS\Uus.exe
O4 - HKCU\..\Run: [Iie] C:\WINDOWS\Rhf.exe
O4 - HKCU\..\Run: [Ino] C:\WINDOWS\System32\Lgo.exe
O4 - HKCU\..\Run: [Ppn] C:\WINDOWS\Cor.exe
O4 - HKCU\..\Run: [Mdt] C:\WINDOWS\Cgj.exe
O4 - HKCU\..\Run: [Kdl] C:\WINDOWS\Qne.exe
O4 - HKCU\..\Run: [Dgg] C:\WINDOWS\Eir.exe
O4 - HKCU\..\Run: [Udn] C:\WINDOWS\System32\Cao.exe
O4 - HKCU\..\Run: [Gjb] C:\WINDOWS\Ljn.exe
O4 - HKCU\..\Run: [Gik] C:\WINDOWS\Cvp.exe
O4 - HKCU\..\Run: [Rfl] C:\WINDOWS\Sfs.exe
O4 - HKCU\..\Run: [Lfc] C:\WINDOWS\Mre.exe
O4 - HKCU\..\Run: [Gto] C:\WINDOWS\Oou.exe
O4 - HKCU\..\Run: [Hih] C:\WINDOWS\System32\Qnt.exe
O4 - HKCU\..\Run: [Tbu] C:\WINDOWS\Avb.exe
O4 - HKCU\..\Run: [Vrc] C:\WINDOWS\System32\Jta.exe
O4 - HKCU\..\Run: [Eqn] C:\WINDOWS\Jrv.exe
O4 - HKCU\..\Run: [Bnh] C:\WINDOWS\System32\Bik.exe
O4 - HKCU\..\Run: [Gij] C:\WINDOWS\Cne.exe
O4 - HKCU\..\Run: [Srf] C:\WINDOWS\System32\Ngb.exe
O4 - HKCU\..\Run: [Bfj] C:\WINDOWS\System32\Rsd.exe
O4 - HKCU\..\Run: [Dgf] C:\WINDOWS\Cst.exe
O4 - HKCU\..\Run: [Vba] C:\WINDOWS\Aap.exe
O4 - HKCU\..\Run: [Efh] C:\WINDOWS\Pvv.exe
O4 - HKCU\..\Run: [Idh] C:\WINDOWS\Hnm.exe
O4 - HKCU\..\Run: [Nla] C:\WINDOWS\Rln.exe
O4 - HKCU\..\Run: [Ssd] C:\WINDOWS\Lhf.exe
O4 - HKCU\..\Run: [Shj] C:\WINDOWS\Ieq.exe
O4 - HKCU\..\Run: [Ggu] C:\WINDOWS\System32\Goe.exe
O4 - HKCU\..\Run: [Hgh] C:\WINDOWS\System32\Uhh.exe
O4 - HKCU\..\Run: [Dhb] C:\WINDOWS\System32\Cjd.exe
O4 - HKCU\..\Run: [Jjb] C:\WINDOWS\Rcs.exe
O4 - HKCU\..\Run: [Bjp] C:\WINDOWS\Mog.exe
O4 - HKCU\..\Run: [Sbp] C:\WINDOWS\Vlk.exe
O4 - HKCU\..\Run: [Hoh] C:\WINDOWS\System32\Rqb.exe
O4 - HKCU\..\Run: [Nqs] C:\WINDOWS\System32\Uku.exe
O4 - HKCU\..\Run: [Lgg] C:\WINDOWS\System32\Vpl.exe
O4 - HKCU\..\Run: [Cvr] C:\WINDOWS\Tps.exe
O4 - HKCU\..\Run: [Flt] C:\WINDOWS\System32\Vco.exe
O4 - HKCU\..\Run: [Ufc] C:\WINDOWS\System32\Vla.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Rri] C:\WINDOWS\Lco.exe
O4 - HKCU\..\Run: [Jrh] C:\WINDOWS\System32\Hap.exe
O4 - HKCU\..\Run: [Rjt] C:\WINDOWS\System32\Ius.exe
O4 - HKCU\..\Run: [Cuu] C:\WINDOWS\Rjk.exe
O4 - HKCU\..\Run: [Pmq] C:\WINDOWS\Vlh.exe
O4 - HKCU\..\Run: [Ltb] C:\WINDOWS\System32\Cca.exe
O4 - HKCU\..\Run: [Pgr] C:\WINDOWS\Iml.exe
O4 - HKCU\..\Run: [Ojn] C:\WINDOWS\System32\Rmg.exe
O4 - HKCU\..\Run: [Cdg] C:\WINDOWS\Rgc.exe
O4 - HKCU\..\Run: [Jau] C:\WINDOWS\Vqt.exe
O4 - HKCU\..\Run: [Mpj] C:\WINDOWS\Nuc.exe
O4 - HKCU\..\Run: [Dkt] C:\WINDOWS\Rtd.exe
O4 - HKCU\..\Run: [Uhe] C:\WINDOWS\Qjj.exe
O4 - HKCU\..\Run: [Dnq] C:\WINDOWS\Gnr.exe
O4 - HKCU\..\Run: [Mui] C:\WINDOWS\System32\Bmd.exe
O4 - Startup: winupdate98589498[1].exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Microsoft AntiSpyware helper - {27A832DF-427D-4430-A49A-C44E0C0FD700} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {27A832DF-427D-4430-A49A-C44E0C0FD700} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {42BDDD12-298E-4E1B-B2BE-B94538C1ACE4} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {42BDDD12-298E-4E1B-B2BE-B94538C1ACE4} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5B4369AA-7F04-48C4-A9CF-A4C7644DE837} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5B4369AA-7F04-48C4-A9CF-A4C7644DE837} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5FC6A6CE-8DA1-48A5-BC56-AB121C623454} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5FC6A6CE-8DA1-48A5-BC56-AB121C623454} - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
  • 0

#6
coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
You may wish to print out a copy of these instructions to follow while you complete this procedure.

Please save HijackThis in a permanent folder (i.e. C:\HJT). This ensures backups are saved and accessible.

Please go offline, close all browsers and any open windows, making sure that only HijackThis is open. Scan and, when it finishes, put an X in the boxes next to only the following items, then click Fix checked.


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm

O4 - HKLM\..\Run: [Kll] C:\WINDOWS\Spo.exe
O4 - HKLM\..\Run: [Cbc] C:\WINDOWS\System32\Dil.exe
O4 - HKLM\..\Run: [Itm] C:\WINDOWS\System32\Rdn.exe
O4 - HKLM\..\Run: [Kkr] C:\WINDOWS\System32\Gaa.exe
O4 - HKLM\..\Run: [Lqi] C:\WINDOWS\Cig.exe
O4 - HKLM\..\Run: [Cva] C:\WINDOWS\Nlu.exe
O4 - HKLM\..\Run: [Iap] C:\WINDOWS\System32\Dmj.exe
O4 - HKLM\..\Run: [Fbt] C:\WINDOWS\System32\Onh.exe
O4 - HKLM\..\Run: [Gel] C:\WINDOWS\System32\Lpa.exe
O4 - HKLM\..\Run: [Sqh] C:\WINDOWS\Qiu.exe
O4 - HKLM\..\Run: [Eml] C:\WINDOWS\System32\Lhj.exe
O4 - HKLM\..\Run: [Cnb] C:\WINDOWS\Jld.exe
O4 - HKLM\..\Run: [Aln] C:\WINDOWS\System32\Msv.exe
O4 - HKLM\..\Run: [Fjm] C:\WINDOWS\Jkm.exe
O4 - HKLM\..\Run: [Pbh] C:\WINDOWS\System32\Kic.exe
O4 - HKLM\..\Run: [Suf] C:\WINDOWS\System32\Rcr.exe
O4 - HKLM\..\Run: [Rlf] C:\WINDOWS\System32\Gqj.exe
O4 - HKLM\..\Run: [Gdn] C:\WINDOWS\Dke.exe
O4 - HKLM\..\Run: [Ccj] C:\WINDOWS\System32\Tve.exe
O4 - HKLM\..\Run: [Bpf] C:\WINDOWS\Ugs.exe
O4 - HKLM\..\Run: [Lof] C:\WINDOWS\Fmh.exe
O4 - HKLM\..\Run: [Jtj] C:\WINDOWS\Nha.exe
O4 - HKLM\..\Run: [Vsg] C:\WINDOWS\System32\Mdp.exe
O4 - HKLM\..\Run: [Ufj] C:\WINDOWS\System32\Vme.exe
O4 - HKLM\..\Run: [Enl] C:\WINDOWS\Vtl.exe
O4 - HKLM\..\Run: [Hsp] C:\WINDOWS\Gvk.exe
O4 - HKLM\..\Run: [Glv] C:\WINDOWS\System32\Lec.exe
O4 - HKLM\..\Run: [Ogu] C:\WINDOWS\Sid.exe
O4 - HKLM\..\Run: [Nvq] C:\WINDOWS\Fli.exe
O4 - HKLM\..\Run: [Its] C:\WINDOWS\System32\Fuu.exe
O4 - HKLM\..\Run: [Vgh] C:\WINDOWS\System32\Qga.exe
O4 - HKLM\..\Run: [Ncv] C:\WINDOWS\Drh.exe
O4 - HKLM\..\Run: [Olr] C:\WINDOWS\System32\Khq.exe
O4 - HKLM\..\Run: [Dqq] C:\WINDOWS\Uph.exe
O4 - HKLM\..\Run: [Fcc] C:\WINDOWS\System32\Bvj.exe
O4 - HKLM\..\Run: [Uhu] C:\WINDOWS\Ppb.exe
O4 - HKLM\..\Run: [Sjp] C:\WINDOWS\System32\Lsq.exe
O4 - HKLM\..\Run: [Qpk] C:\WINDOWS\System32\Tch.exe
O4 - HKLM\..\Run: [Bdp] C:\WINDOWS\Nfk.exe
O4 - HKLM\..\Run: [Imo] C:\WINDOWS\System32\Lnc.exe
O4 - HKLM\..\Run: [Dkl] C:\WINDOWS\System32\Seu.exe
O4 - HKLM\..\Run: [Kus] C:\WINDOWS\System32\Slg.exe
O4 - HKLM\..\Run: [Msv] C:\WINDOWS\System32\Nfh.exe
O4 - HKLM\..\Run: [Jgk] C:\WINDOWS\Gbu.exe
O4 - HKLM\..\Run: [Gtd] C:\WINDOWS\System32\Gvr.exe
O4 - HKLM\..\Run: [Cqb] C:\WINDOWS\System32\Jih.exe
O4 - HKLM\..\Run: [Vpv] C:\WINDOWS\System32\Lol.exe
O4 - HKLM\..\Run: [Nme] C:\WINDOWS\System32\Hrr.exe
O4 - HKLM\..\Run: [Pfe] C:\WINDOWS\System32\Tmc.exe
O4 - HKLM\..\Run: [Gbv] C:\WINDOWS\Udq.exe
O4 - HKLM\..\Run: [Kju] C:\WINDOWS\System32\Jub.exe
O4 - HKLM\..\Run: [Fsl] C:\WINDOWS\Fcj.exe
O4 - HKLM\..\Run: [Pqs] C:\WINDOWS\System32\Cbj.exe
O4 - HKLM\..\Run: [Vrg] C:\WINDOWS\System32\Rdc.exe
O4 - HKLM\..\Run: [Ubr] C:\WINDOWS\System32\Pre.exe
O4 - HKLM\..\Run: [Dnm] C:\WINDOWS\System32\Kge.exe
O4 - HKLM\..\Run: [Hup] C:\WINDOWS\Fha.exe
O4 - HKLM\..\Run: [Ikk] C:\WINDOWS\System32\Dru.exe
O4 - HKLM\..\Run: [Nov] C:\WINDOWS\System32\Ulr.exe
O4 - HKLM\..\Run: [Cll] C:\WINDOWS\Gfa.exe
O4 - HKLM\..\Run: [Nml] C:\WINDOWS\System32\Qde.exe
O4 - HKLM\..\Run: [For] C:\WINDOWS\System32\Kls.exe
O4 - HKLM\..\Run: [Vos] C:\WINDOWS\System32\Nke.exe
O4 - HKLM\..\Run: [And] C:\WINDOWS\Idc.exe
O4 - HKLM\..\Run: [Nso] C:\WINDOWS\System32\Bit.exe
O4 - HKLM\..\Run: [Umn] C:\WINDOWS\System32\Osk.exe
O4 - HKLM\..\Run: [Ggq] C:\WINDOWS\System32\Iif.exe
O4 - HKLM\..\Run: [Lhd] C:\WINDOWS\Kks.exe
O4 - HKLM\..\Run: [Rkh] C:\WINDOWS\Arb.exe
O4 - HKLM\..\Run: [Ffr] C:\WINDOWS\Hvr.exe
O4 - HKLM\..\Run: [Tqs] C:\WINDOWS\System32\Hgq.exe
O4 - HKLM\..\Run: [Dav] C:\WINDOWS\Nfb.exe
O4 - HKLM\..\Run: [Gla] C:\WINDOWS\System32\Cgf.exe
O4 - HKLM\..\Run: [Tki] C:\WINDOWS\System32\Cim.exe
O4 - HKLM\..\Run: [Vhp] C:\WINDOWS\Slt.exe
O4 - HKLM\..\Run: [Tnb] C:\WINDOWS\Pbi.exe
O4 - HKLM\..\Run: [Bda] C:\WINDOWS\Ndr.exe
O4 - HKLM\..\Run: [Dpq] C:\WINDOWS\Bbq.exe
O4 - Startup: winupdate98589498[1].exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Microsoft AntiSpyware helper - {27A832DF-427D-4430-A49A-C44E0C0FD700} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {27A832DF-427D-4430-A49A-C44E0C0FD700} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {42BDDD12-298E-4E1B-B2BE-B94538C1ACE4} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {42BDDD12-298E-4E1B-B2BE-B94538C1ACE4} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5B4369AA-7F04-48C4-A9CF-A4C7644DE837} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5B4369AA-7F04-48C4-A9CF-A4C7644DE837} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5FC6A6CE-8DA1-48A5-BC56-AB121C623454} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5FC6A6CE-8DA1-48A5-BC56-AB121C623454} - (no file) (HKCU)

O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll

Please reboot into safe mode (continually tap the F8 key while your system is starting, select Safe Mode from the menu).
Be sure you're able to view hidden files, and remove the following files (if found):

C:\WINDOWS\Spo.exe
C:\WINDOWS\System32\Dil.exe
C:\WINDOWS\System32\Rdn.exe
C:\WINDOWS\System32\Gaa.exe
C:\WINDOWS\Cig.exe
C:\WINDOWS\Nlu.exe

Go through and delete all the following files: I don't have time to delete the beginning of each one, for example-- "04-hklm\..run: [xxx]"

O4 - HKLM\..\Run: [Iap]
C:\WINDOWS\System32\Dmj.exe
O4 - HKLM\..\Run: [Fbt] C:\WINDOWS\System32\Onh.exe

and so on. Just ignore the "04-hklm\..run: part." Find the file and delete it.

O4 - Startup: winupdate98589498[1].exe



Please delete your temporary files. Double-click My Computer (WinXP: Navigate to Start ---> My Computer).
You will see an icon representing your hard drive (most likely C: Drive). Right-click on the hard drive icon and click Properties at the bottom of the fly-out window. On the very first tab (General) you will see a button labeled "Disk Cleanup"... click that button.
Make sure the following are checked:
Downloaded Program Files
Temporary Internet Files and
Recycle Bin

Click OK and Disk Cleanup will delete those files for you.

Reboot and post a fresh log. :tazz:

#7
CrazyIvan

Followed instructions and here is the new log. While posting it, though, "Security iGuard" just initiated itself again. Thank you very much for your help.

Logfile of HijackThis v1.99.1
Scan saved at 12:50:21 PM, on 3/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Documents and Settings\Malcolm\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Malcolm\Application Data\Mozilla\Profiles\default\t2weqogf.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Inb] C:\WINDOWS\Rqo.exe
O4 - HKLM\..\Run: [secboot] C:\WINDOWS\System32\mszx23.exe !!
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Inb] C:\WINDOWS\Rqo.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
  • 0

#8
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Good job. Much better!!!!! ;)

Run Hijack This again and put a check mark next to them.

O4 - HKLM\..\Run: [Inb] C:\WINDOWS\Rqo.exe
O4 - HKLM\..\Run: [secboot] C:\WINDOWS\System32\mszx23.exe !!

O4 - HKCU\..\Run: [Inb] C:\WINDOWS\Rqo.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll


Reboot into safe mode and find these files and delete them.

C:\WINDOWS\Rqo.exe
C:\WINDOWS\System32\mszx23.exe !!
C:\WINDOWS\Rqo.exe
C:\WINDOWS\SYSTEM32\drct16.dll

Download this and run it:

http://www.majorgeek...ad.php?det=4191

Reboot and post a new log. :tazz:
  • 0

#9
CrazyIvan

CrazyIvan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Okay done as instructed. However, Security iguard is still self-initiating. Also I can't get rid of mszx23.exe and drct16.dll in either safe or normal mode. Thanks.


Logfile of HijackThis v1.99.1
Scan saved at 4:38:06 PM, on 3/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Malcolm\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Malcolm\Application Data\Mozilla\Profiles\default\t2weqogf.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security iGuard\Security iGuard.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
  • 0
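Added example, not part of any post in this thread: a small Python comparison of the two HijackThis scans above against the entries the helper asked to have fixed, showing which autostart entries were removed, which persisted, and which are new. The log lines are excerpts copied from the posts; the function names `parse_entries` and `compare_scans` are assumptions of this example.

```python
import re

# Excerpts from the 12:50 PM scan (post #7) and the 4:38 PM scan (post #9).
SCAN_BEFORE = r"""
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Inb] C:\WINDOWS\Rqo.exe
O4 - HKLM\..\Run: [secboot] C:\WINDOWS\System32\mszx23.exe !!
O4 - HKCU\..\Run: [Inb] C:\WINDOWS\Rqo.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll
"""
SCAN_AFTER = r"""
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security iGuard\Security iGuard.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll
"""
# Entries the helper listed in post #8 to be checked and fixed.
FIXED = r"""
O4 - HKLM\..\Run: [Inb] C:\WINDOWS\Rqo.exe
O4 - HKLM\..\Run: [secboot] C:\WINDOWS\System32\mszx23.exe !!
O4 - HKCU\..\Run: [Inb] C:\WINDOWS\Rqo.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll
"""

# A HijackThis entry starts with a section code (R0, N3, O4, O20, ...) and " - ".
ENTRY_RE = re.compile(r"^([RNFO]\d{1,2}) - (.+)$")


def parse_entries(log_text):
    """Return {normalised key: original line} for every sectioned entry."""
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue  # header, running-process path, or blank line
        section, body = match.groups()
        # Windows paths and registry names are case-insensitive, and forum
        # software may alter spacing, so compare on a folded form.
        key = (section, " ".join(body.split()).casefold())
        entries[key] = line
    return entries


def compare_scans(before, after, fixed):
    """Classify entries across two scans relative to the requested fixes."""
    b, a, f = (parse_entries(t) for t in (before, after, fixed))
    return {
        # requested fixes that no longer appear in the later scan
        "removed": sorted(f[k] for k in f if k not in a),
        # requested fixes that are still present after the cleanup attempt
        "persisted": sorted(f[k] for k in f if k in a),
        # entries that were not in the earlier scan at all
        "new": sorted(a[k] for k in a if k not in b),
    }


if __name__ == "__main__":
    for label, lines in compare_scans(SCAN_BEFORE, SCAN_AFTER, FIXED).items():
        print(label.upper())
        for entry in lines:
            print("  " + entry)
```

An entry listed under "removed" only means the registry value is gone from the log; the poster reports that mszx23.exe itself could not be deleted, so the file on disk has to be checked separately.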

#10
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Read these two posts:

http://forums.maddok...?showtopic=2659

http://securityrespo....haxdoor.d.html
  • 0

#11
CrazyIvan

CrazyIvan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
HELP!!!!! I'm now having to write from my girlfriend's computer. I deleted the following files from my computer and now it won't load Windows!!!:

klogini.dll (Also used in the HAXDOOR virus)
fltr.a3d (No info found on the net - probably some datafile)
redir.a3d (No info found on the net - probably some datafile)
vdnt32.sys (Also used in the HAXDOOR virus)

I am getting the following message when trying to boot up (in safe mode too):

The instruction at "0x77f8353b" referenced memory at "0x00f1bc88". The memory could not be "read". click on OK to terminate the program. Click on cancel to debug the program.

Clicking on cancel does nothing. Clicking on OK gives me a fatal system error and windows logon process system process terminated unexpectedly with a status of....The system has been shut down!!! OH NOOOOOO! PLEASE HELP!! I have so much work to do tonight!
  • 0

#12
CrazyIvan

CrazyIvan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
CoachWife6!!! Where arrrrrrrrre youuuuuuuuu? HELP!!!!! Thank you sooo much.
  • 0

#13
ScHwErV

ScHwErV

    Member 5k

  • Retired Staff
  • 21,285 posts
  • MVP
CrazyIvan

coachwife6 is going to be away for a little while and has asked that I help you in her absence.

Can you get into safe mode? If so, please run HiJackThis from Safe Mode and copy the log on a floppy to your girlfriend's computer and post it.

Boot into Safe Mode:
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.


Good Luck

ScHwErV :tazz:
  • 0

#14
ScHwErV

ScHwErV

    Member 5k

  • Retired Staff
  • 21,285 posts
  • MVP
Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending a Staff Member a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

ScHwErV :tazz:
  • 0





