SUPERAntiSpyware Scan Log
Generated 09/14/2007 at 08:47 PM
Application Version : 3.6.1000
Core Rules Database Version : 3190
Trace Rules Database Version: 1200
Scan type : Complete Scan
Total Scan Time : 03:52:33
Memory items scanned : 631
Memory threats detected : 0
Registry items scanned : 8171
Registry threats detected : 27
File items scanned : 168084
File threats detected : 152
Unclassified.Oreans32
HKLM\System\ControlSet001\Services\oreans32
C:\WINDOWS\SYSTEM32\DRIVERS\OREANS32.SYS
HKLM\System\ControlSet002\Services\oreans32
HKLM\System\CurrentControlSet\Services\oreans32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#DeviceDesc
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Capabilities
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200\LogConf
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200\Control
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200\Control#ActiveService
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#Type
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#Start
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\oreans32#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Security
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Security#Security
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\Enum#NextInstance
Adware.Tracking Cookie
Unclassified.Unknown Origin
C:\DOCUMENTS AND SETTINGS\MR SMITH\LOCAL SETTINGS\TEMP\KBDUMMY.0
C:\DOCUMENTS AND SETTINGS\MR SMITH\LOCAL SETTINGS\TEMP\KBDUMMY.1
Logfile of Panda Active Scan Pro
Incident Status
Location
Spyware:Cookie/NewMedia Disinfected
C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/DriveCleaner Disinfected
C:\Documents and Settings\Guest\Cookies\guest@drivecleaner[1].txt
Spyware:Cookie/ErrorSafe Disinfected
C:\Documents and Settings\Guest\Cookies\guest@errorsafe[2].txt
Spyware:Cookie/DriveCleaner Disinfected
C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/ErrorSafe Disinfected
C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/fe.lea.lycos Disinfected
C:\Documents and Settings\Mr Smith\Cookies\mr [email protected][1].txt
Spyware:Cookie/888 Disinfected
C:\Documents and Settings\Mr Smith\Cookies\mr_smith@888[1].txt
Spyware:Cookie/NewMedia Disinfected
C:\Documents and Settings\Mr Smith\Cookies\[email protected][1].txt
Spyware:Cookie/Go Disinfected
C:\Documents and Settings\Mr Smith\Cookies\mr_smith@go[1].txt
Possible Virus. No disinfected
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
Dialer:Dialer.ISB No disinfected
C:\Program Files\Online Services\BTYahoo\HPPre05.msi[btwebcontrol.dll]
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:51:14 15/09/2007
+ Scan result:
Nothing found.
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 21:19:32, on 14/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Google Updater\2.2.969.23408\GoogleUpdaterInstallMgr.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\sdtrayapp.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thisismoney.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.c...cts/wanadoohome
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {733E9132-53CA-4C97-9AC9-145C4502FA20} - C:\WINDOWS\system32\opnlmnl.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h20278.www2.h...DataManager.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.aka...vex-2.2.1.6.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: opnlmnl - C:\WINDOWS\SYSTEM32\opnlmnl.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe