---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 3:13:10 PM 12/26/2006
+ Scan result:
C:\Documents and Settings\Chris Brigaitis\Start Menu\Programs\EARN -> Adware.eZula : Cleaned with backup (quarantined).
C:\Documents and Settings\Chris Brigaitis\Start Menu\Programs\EARN\About EARN.lnk -> Adware.eZula : Cleaned with backup (quarantined).
C:\Documents and Settings\Chris Brigaitis\Start Menu\Programs\EARN\EARN website.url -> Adware.eZula : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKU\S-1-5-21-1078081533-602162358-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\Chris Brigaitis\Application Data\Netscape\NSB\Profiles\odsrm5bl.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Chris Brigaitis\Application Data\Netscape\NSB\Profiles\odsrm5bl.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.47:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.48:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.49:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.51:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.82:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.83:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.84:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.59:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.88:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.65:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.67:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.68:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.69:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.100:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.101:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.99:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.22:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.23:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.24:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.25:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.89:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.90:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.19:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.20:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.26:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.27:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.92:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.93:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.94:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.56:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.57:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.58:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.60:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.61:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.62:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.29:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.45:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.63:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.64:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.66:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.70:C:\Documents and Settings\Chris Brigaitis\Application Data\Mozilla\Firefox\Profiles\ea5aw5uf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\WINDOWS\system32\wnscpsv.exe -> Trojan.Small : Cleaned with backup (quarantined).
::Report end
SUPERAntiSpyware Scan Log
Generated 12/26/2006 at 04:56 PM
Application Version : 3.4.1000
Core Rules Database Version : 3154
Trace Rules Database Version: 1171
Scan type : Complete Scan
Total Scan Time : 01:32:46
Memory items scanned : 445
Memory threats detected : 0
Registry items scanned : 5790
Registry threats detected : 35
File items scanned : 75715
File threats detected : 5
Spyware.WebSearch (WinTools/Huntbar)
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINTOOLSSVC\0000#DeviceDesc
Trojan.NetMon/DNSChange
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#DeviceDesc
Trojan.cmdService
HKLM\SYSTEM\CurrentControlSet\Services\cmdService
HKLM\SYSTEM\CurrentControlSet\Services\cmdService#Type
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#DeviceDesc
Adware.FullContext
HKU\.DEFAULT\Software\PSHope
HKU\S-1-5-18\Software\PSHope
Adware.NextFriday
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\DESKTOP\FREE IPOD NANO.LNK
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\DESKTOP\PLAY PARTY POKER.LNK
Trojan.Unknown Origin
C:\PROGRAM FILES\YAHOO!\YPSR\QUARANTINE\PPQ81.TMP
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5775905D-94A2-4A36-A715-DEF74E188A58}\RP94\A0008702.EXE
C:\WINDOWS\SYSTEM32\W01A03D1.INI
Incident Status Location
Adware:adware/wintools Not disinfected Windows Registry
Adware:adware/powerscan Not disinfected Windows Registry
Adware:adware/esyndicate Not disinfected Windows Registry
Adware:adware/ieplugin Not disinfected Windows Registry
Adware:adware/sidesearch Not disinfected Windows Registry
Spyware:spyware/apropos Not disinfected Windows Registry
Possible Virus. Not disinfected C:\BFU\FindQool.zip[FindQool/Sub/swreg.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Brenda Stepp\Desktop\Anti-Spyware etc\Nailfix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Brenda Stepp\Desktop\Anti-Spyware etc\nailfix.zip[Nailfix/Process.exe]
Possible Virus. Not disinfected C:\FindQool\FindQool\Sub\swreg.exe
Spyware:Spyware/Media-motor Not disinfected C:\WINDOWS\srvcwuwubw.exe[nodeipproc.dll]
Logfile of HijackThis v1.99.1
Scan saved at 6:45:49 PM, on 12/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
C:\Program Files\eFax Messenger 4.0\J2GTray.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Documents and Settings\Brenda Stepp\Desktop\Anti-Spyware etc\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo..../sbc.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Steam] D:\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: eFax DllCmd 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....015/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4156EC68-BB80-4B06-B1FA-780C3DB183A6} (KyozouX Control) - http://my.kyozou.com/KyozouX.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp...ads/sysinfo.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp...oads/msxml4.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15014/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE