Incident Status Location
Adware:adware/securityerror Not disinfected C:\Documents and Settings\Rick\Favorites\Antivirus Test Online.url
Adware:adware program Not disinfected c:\windows\ss3unstl.exe
Hacktool:rootkit/zaqt.a Not disinfected hkey_local_machine\system\currentcontrolset\services\DP1112
Adware:adware/morwillsearch Not disinfected Windows Registry
Adware:adware/mirar Not disinfected Windows Registry
Spyware:spyware/virtumonde Not disinfected Windows Registry
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.go.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.hitbox.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.atwola.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.adtech.de/]
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.cs.sexcounter.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.webpower.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[.zedo.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[server.iad.liveperson.net/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\1e52v5v3.default\cookies.txt[server.iad.liveperson.net/hc/76168556]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-21c6f865-558f2ae2.class
Adware:Adware/CWS Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-6fd9f626-21565f24.class
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1cc2162d-5d9bbae3.zip[Counter.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1cc2162d-5d9bbae3.zip[Gummy.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1cc2162d-5d9bbae3.zip[VerifierBug.class]
Virus:Trj/Lowzones.RB Disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1cc2162d-5d9bbae3.zip[web.exe]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1cc2162d-5d9bbae3.zip[Worker.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-1cc2162d-5d9bbae3.zip[Xeyond.class]
Virus:Trj/ClassLoader.E Disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-1886969-19dfad98.zip[NewURLClassLoader.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv57.jar-13cbadd4-53e2ff89.zip[Counter.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv57.jar-13cbadd4-53e2ff89.zip[Dummy.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv57.jar-13cbadd4-53e2ff89.zip[Matrix.class]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Rick\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv57.jar-13cbadd4-53e2ff89.zip[Parser.class]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Rick\Cookies\rick@2o7[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Rick\Cookies\
[email protected][2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Rick\Cookies\
[email protected][2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Rick\Cookies\rick@atwola[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Rick\Cookies\rick@bluestreak[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Rick\Cookies\rick@com[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Rick\Cookies\rick@go[1].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Rick\Cookies\rick@maxserving[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Rick\Cookies\rick@questionmarket[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Rick\Cookies\rick@realmedia[1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Rick\Cookies\
[email protected][2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Rick\Cookies\rick@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Rick\Cookies\rick@tribalfusion[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Rick\Cookies\
[email protected][1].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Rick\Cookies\
[email protected][1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Rick\Desktop\SmitfraudFix\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Rick\Desktop\smitRem\Process.exe
Adware:Adware/SystemDoctor Not disinfected C:\Documents and Settings\Rick\Local Settings\Application Data\4400744d.exe
Adware:Adware/CWS Not disinfected C:\WINDOWS\cpblpbc26.log
Virus:Trj/Downloader.KDC Disinfected C:\WINDOWS\cpblpbc34.log
Adware:Adware/Miamore Not disinfected C:\WINDOWS\g14705953.dll
Adware:Adware/Miamore Not disinfected C:\WINDOWS\g21082015.dll
Adware:Adware/Miamore Not disinfected C:\WINDOWS\g30511734.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\ahswtdgs.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\aihyvuwh.exe
Virus:Trj/Clicker.ME Disinfected C:\WINDOWS\SYSTEM32\alexa.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\apgiudbr.dll
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\bbyigdmk.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\bqvxyfhk.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\bxixxmpk.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\cgwhndmq.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\cmismihk.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\degrmenq.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\efdpfjth.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\ehlfpptb.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\fkhawvqn.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\fonnganu.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\gebmmkco.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\hkmbqrys.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\idgdtypb.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\jbewjccy.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\jsxjlrwu.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\kgrlhamo.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\kikvaeob.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\mhpqvhlk.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\mrmxwrqu.dll
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\npylxqro.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\ojofgxox.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\opqahiip.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\pbohrdgl.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\pfxvehtd.dll
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\SYSTEM32\process.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\qjxcyemu.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\qnhfhsvx.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\qnygelcs.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\sstqr.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\syymbyyk.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\tcxqwcht.dll
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\ugavgyqa.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\uhpeigil.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\umggykuh.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\uualyjkn.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\uvgymxfi.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\vutyuaau.dll
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\wjofmyfv.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\xbqewcks.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\xgylyygh.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\yxjshmre.exe
Virus:Trj/Downloader.KKB Disinfected C:\_backupD\admparsek.dll
Virus:Trj/Downloader.KAM Disinfected C:\_backupD\compstuih.dll
Virus:Trj/Downloader.GFM Disinfected C:\_backupD\st3d.dll
Logfile of HijackThis v1.99.1
Scan saved at 4:35:08 PM, on 9/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1158173707\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\1158173707\ee\services\safetyCore\ver2_5_4_1\AOLSP Scheduler.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.4156\GoogleToolbarNotifier.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\Common Files\AOL\1158173707\ee\aolsoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1158173707\ee\services\safetyCore\ver2_5_4_1\aolavupd.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Rick\Desktop\hijackthis_199\HijackThis.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1158173707\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1158173707\ee\services\safetyCore\ver2_5_4_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1158173707\ee\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O5 "LPT1:" /M "Stylus C84"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.4156\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) -
http://aol.easports....ommon/ieell.cabO16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) -
http://asp.mathxl.co...GenXInstall.cabO16 - DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} (PearsonAsstX Control) -
http://asp.mathxl.co...InstallAsst.cabO16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://scan.safety.l...lscbase7617.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebo...otoUploader.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1154135937511O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1145038525140O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/...ro.cab32846.cabO16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) -
http://asp.mathxl.co.../MathPlayer.cabO20 - Winlogon Notify: ddayy - C:\WINDOWS\system32\ddayy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1158173707\ee\services\safetyCore\ver2_5_4_1\aolavupd.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe