Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:20:50 AM, on 4/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wmsdkns.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Documents and Settings\Home\My Documents\AVG\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Documents and Settings\Home\My Documents\AVG\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.syracuse.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Home\My Documents\AVG\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Saoh] "C:\PROGRA~1\ICROSO~1.NET\mshta.exe" -vt yazb
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com...OnlineGames.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmar...martActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O16 - DPF: {4989312D-58CF-11D5-A7D7-00E02911103E} (Interealty MultiSelect) - http://syr.mlxchange...ectComboBox.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.h...nosticsxp2k.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1175613378046
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgall..._2/axofupld.cab
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} (MLXchange Client Utils) - http://syr.mlxchange...ClientUtils.cab
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) - http://syr.mlxchange...ol/IRCSharc.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driverage...driveragent.cab
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B020943-B49D-4858-AAF6-E0BFBB595ECB}: NameServer = 192.168.0.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: byxvwwv - byxvwwv.dll (file missing)
O20 - Winlogon Notify: byxyayx - byxyayx.dll (file missing)
O20 - Winlogon Notify: xxywwvs - xxywwvs.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Home\My Documents\AVG\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
--
End of file - 9792 bytes
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/07/2008 at 00:54 AM
Application Version : 4.0.1154
Core Rules Database Version : 3432
Trace Rules Database Version: 1424
Scan type : Complete Scan
Total Scan Time : 03:36:57
Memory items scanned : 438
Memory threats detected : 0
Registry items scanned : 4830
Registry threats detected : 67
File items scanned : 81024
File threats detected : 122
Adware.Vundo-Variant/Small-A
HKLM\Software\Classes\CLSID\{214dd2c5-4721-4e82-9b4a-93ca624bfb26}
HKCR\CLSID\{214DD2C5-4721-4E82-9B4A-93CA624BFB26}
HKCR\CLSID\{214DD2C5-4721-4E82-9B4A-93CA624BFB26}\InprocServer32
HKCR\CLSID\{214DD2C5-4721-4E82-9B4A-93CA624BFB26}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\ONOSDDNB.DLL
HKLM\Software\Classes\CLSID\{49fb568a-06be-4e74-bdbe-9a16503902f5}
HKCR\CLSID\{49FB568A-06BE-4E74-BDBE-9A16503902F5}
HKCR\CLSID\{49FB568A-06BE-4E74-BDBE-9A16503902F5}\InprocServer32
HKCR\CLSID\{49FB568A-06BE-4E74-BDBE-9A16503902F5}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\HSOSSPYW.DLL
HKLM\Software\Classes\CLSID\{4fe2db00-e6f1-4ccb-97a6-d34b5886d64a}
HKCR\CLSID\{4FE2DB00-E6F1-4CCB-97A6-D34B5886D64A}
HKCR\CLSID\{4FE2DB00-E6F1-4CCB-97A6-D34B5886D64A}\InprocServer32
HKCR\CLSID\{4FE2DB00-E6F1-4CCB-97A6-D34B5886D64A}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\ATALDAYQ.DLL
HKLM\Software\Classes\CLSID\{83a05df0-4ccb-461d-852b-c51ce880ff7b}
HKCR\CLSID\{83A05DF0-4CCB-461D-852B-C51CE880FF7B}
HKCR\CLSID\{83A05DF0-4CCB-461D-852B-C51CE880FF7B}\InprocServer32
HKCR\CLSID\{83A05DF0-4CCB-461D-852B-C51CE880FF7B}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\QTHBEXDG.DLL
HKLM\Software\Classes\CLSID\{8959b8cb-4c42-48bd-8b97-1aa0c0b2aff4}
HKCR\CLSID\{8959B8CB-4C42-48BD-8B97-1AA0C0B2AFF4}
HKCR\CLSID\{8959B8CB-4C42-48BD-8B97-1AA0C0B2AFF4}\InprocServer32
HKCR\CLSID\{8959B8CB-4C42-48BD-8B97-1AA0C0B2AFF4}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\VBQEOAVI.DLL
HKLM\Software\Classes\CLSID\{8b34ed6e-01a8-430b-9348-a44ca868626a}
HKCR\CLSID\{8B34ED6E-01A8-430B-9348-A44CA868626A}
HKCR\CLSID\{8B34ED6E-01A8-430B-9348-A44CA868626A}\InprocServer32
HKCR\CLSID\{8B34ED6E-01A8-430B-9348-A44CA868626A}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\RVFUKOUE.DLL
HKLM\Software\Classes\CLSID\{ffd2f15b-b5f1-46fe-96b0-91a91d88f804}
HKCR\CLSID\{FFD2F15B-B5F1-46FE-96B0-91A91D88F804}
HKCR\CLSID\{FFD2F15B-B5F1-46FE-96B0-91A91D88F804}\InprocServer32
HKCR\CLSID\{FFD2F15B-B5F1-46FE-96B0-91A91D88F804}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\HNFJAFQE.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{45F331F7-3889-4584-8184-B61259B10987}\RP505\A0199579.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{45F331F7-3889-4584-8184-B61259B10987}\RP505\A0199581.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{45F331F7-3889-4584-8184-B61259B10987}\RP505\A0199582.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{45F331F7-3889-4584-8184-B61259B10987}\RP505\A0199584.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{45F331F7-3889-4584-8184-B61259B10987}\RP505\A0199585.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{45F331F7-3889-4584-8184-B61259B10987}\RP505\A0199586.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{45F331F7-3889-4584-8184-B61259B10987}\RP505\A0199587.DLL
C:\WINDOWS\SYSTEM32\AIVSJOKB.DLL
C:\WINDOWS\SYSTEM32\BJTFLVYA.DLL
C:\WINDOWS\SYSTEM32\CQQYTRFK.DLL
C:\WINDOWS\SYSTEM32\ENLOFOGY.DLL
C:\WINDOWS\SYSTEM32\EXXOPPJQ.DLL
C:\WINDOWS\SYSTEM32\FPTTDSIB.DLL
C:\WINDOWS\SYSTEM32\FXCJDCAR.DLL
C:\WINDOWS\SYSTEM32\GCFVENOR.DLL
C:\WINDOWS\SYSTEM32\GEUUMRKV.DLL
C:\WINDOWS\SYSTEM32\GOJGGPXD.DLL
C:\WINDOWS\SYSTEM32\GPDYOLQI.DLL
C:\WINDOWS\SYSTEM32\HACLBMJQ.DLL
C:\WINDOWS\SYSTEM32\HKJFWBQA.DLL
C:\WINDOWS\SYSTEM32\IIWWUTCX.DLL
C:\WINDOWS\SYSTEM32\INLOQYME.DLL
C:\WINDOWS\SYSTEM32\JCLBWYOB.DLL
C:\WINDOWS\SYSTEM32\JKYSXVOE.DLL
C:\WINDOWS\SYSTEM32\KTEGPJUG.DLL
C:\WINDOWS\SYSTEM32\KURHPPVW.DLL
C:\WINDOWS\SYSTEM32\LCMQAKWS.DLL
C:\WINDOWS\SYSTEM32\OJTVWETB.DLL
C:\WINDOWS\SYSTEM32\QGYAYJJN.DLL
C:\WINDOWS\SYSTEM32\QXXIEQFB.DLL
C:\WINDOWS\SYSTEM32\RRIATGBV.DLL
C:\WINDOWS\SYSTEM32\RRKBMAGW.DLL
C:\WINDOWS\SYSTEM32\SIECOKKD.DLL
C:\WINDOWS\SYSTEM32\TXWEMJGV.DLL
C:\WINDOWS\SYSTEM32\VBCUVYBK.DLL
C:\WINDOWS\SYSTEM32\WEUWRCQG.DLL
C:\WINDOWS\SYSTEM32\YALOFMKC.DLL
C:\WINDOWS\SYSTEM32\YBFEPTYC.DLL
C:\WINDOWS\SYSTEM32\YCEXJDGC.DLL
C:\WINDOWS\SYSTEM32\YJCGBPNS.DLL
Trojan.WinFixer
HKLM\Software\Classes\CLSID\{56E1F8C3-C2D1-4B7D-86D8-4B0603BD59E2}
HKCR\CLSID\{56E1F8C3-C2D1-4B7D-86D8-4B0603BD59E2}
HKCR\CLSID\{56E1F8C3-C2D1-4B7D-86D8-4B0603BD59E2}\InprocServer32
HKCR\CLSID\{56E1F8C3-C2D1-4B7D-86D8-4B0603BD59E2}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\PMKJH.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56E1F8C3-C2D1-4B7D-86D8-4B0603BD59E2}
Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{8E3FBDE2-7DBD-4040-85D9-29BBC559C129}
HKCR\CLSID\{8E3FBDE2-7DBD-4040-85D9-29BBC559C129}
HKCR\CLSID\{8E3FBDE2-7DBD-4040-85D9-29BBC559C129}\InprocServer32
HKCR\CLSID\{8E3FBDE2-7DBD-4040-85D9-29BBC559C129}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\BYXYAYX.DLL
HKLM\Software\Classes\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E3FBDE2-7DBD-4040-85D9-29BBC559C129}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{8E3FBDE2-7DBD-4040-85D9-29BBC559C129}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{D7FD6C15-4927-4AAE-BF12-FBDABD287EB1}
HKCR\CLSID\{8E3FBDE2-7DBD-4040-85D9-29BBC559C129}
HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}\InprocServer32
HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}\InprocServer32#ThreadingModel
Transponder Variant BHO
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}
Unclassified.Unknown Origin
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d}
Adware.2020Search
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d}
Adware.180solutions/SurfAssistant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}
Adware.Second Thought
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}
C:\WINDOWS\BOKJA.EXE
C:\WINDOWS\STCLOADER.EXE
Adware.Tracking Cookie
C:\Documents and Settings\Home\Cookies\[email protected][1].txt
C:\Documents and Settings\Home\Cookies\home@adinterax[2].txt
C:\Documents and Settings\Home\Cookies\home@centralmediaserver[2].txt
C:\Documents and Settings\Home\Cookies\[email protected][4].txt
C:\Documents and Settings\Home\Cookies\home@revsci[2].txt
C:\Documents and Settings\Home\Cookies\[email protected][2].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[10].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[11].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[12].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[13].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[14].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[15].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[16].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[17].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[18].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[19].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[1].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[20].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[21].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[2].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[3].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[4].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[5].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[6].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[7].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[8].txt
C:\Documents and Settings\Home\Cookies\home@insightexpressai[9].txt
C:\Documents and Settings\Home\Cookies\home@media6degrees[2].txt
C:\Documents and Settings\Home\Cookies\[email protected][1].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@adinterax[2].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@adlegend[2].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@adnetserver[2].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@adultfriendfinder[2].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@atwola[1].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@insightexpressai[1].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@interclick[2].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@media6degrees[2].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\[email protected][1].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@sexmedo[1].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\home@socialmedia[1].txt
C:\Documents and Settings\Home\Local Settings\Temp\Cookies\[email protected][2].txt
Adware.180solutions/ZangoSearch
C:\Program Files\Zango\zango.exe
C:\Program Files\Zango
Adware.180solutions/Seekmo
C:\Program Files\Seekmo\seekmohook.dll