I am posting here in a last ditch attempt to try to save my computer as I know I am slowly running out of time. Over the past few days I've been noticing a constant decrease in the free space of my HDD which has gone steadily from 12.4GB to 11.5GB within the 24hours with me just having my browser open and no dl's going on.
I've run various spyware/malware/anti-virus programs to no avail with my free DD space still shrinking. I've recently used:
CCCleaner
Ad-Adware 2007
AVG 7.5
Combofix (all 4 of these did help to clear up alot of space and even slow down the dissapearing HDD space problem, but not eliminate it)
and all the other relevant programs listed on your, "You must read this before posting a hijackthis log, Malware Cleaning Guide" sticky. I am including all the relevant logs below, please do let me know though if i have missed anything out, and i'll do my best to get it up asap. I would also like to thank you all in advance for having the courtesy to help me with my problem
(p.s. I am aware that i have a homekeylogger.exe file on my computer and I do use this regularly to monitor the browsing habits of my younger ones, as a precaution. I do not believe however that it is causing the problem as it is just a basic keystroke program that I have used for over 2 years and this problem seems to have come about within the last week or so)
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 05/09/2008 at 10:07 PM
Application Version : 4.0.1154
Core Rules Database Version : 3456
Trace Rules Database Version: 1448
Scan type : Complete Scan
Total Scan Time : 03:37:44
Memory items scanned : 502
Memory threats detected : 0
Registry items scanned : 6750
Registry threats detected : 0
File items scanned : 103125
File threats detected : 1
Adware.Casino Games (Golden Palace Casino)
C:\POKER\VC STUDENT POKER\CASINO.EXE
PANDASCAN
;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-05-10 03:10:59
PROTECTIONS: 2
MALWARE: 14
SUSPECTS: 8
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
AVG 7.5.524 7.5.524 Yes Yes
Norton Internet Security 2005 No No
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00034463 adware/wupd Adware No 0 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Code Store Database\Distribution Units\{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}
00035328 Application/KillApp.A HackTools No 0 Yes No C:\hp\bin\Terminator.exe
00101555 Application/KillApp.B HackTools No 0 Yes No C:\hp\bin\KillIt.exe
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000352.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000346.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\cookies.txt[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000371.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000363.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000342.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000340.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000338.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000336.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000333.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000344.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000195.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000328.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000327.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000368.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000306.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000005.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000301.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000011.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000299.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000021.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000297.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000037.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000294.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000040.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000293.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000042.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000291.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000047.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000283.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000051.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000281.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000053.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000278.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000056.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000274.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000058.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000273.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000062.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000270.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000065.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000268.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000067.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000266.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000069.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000263.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000071.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000262.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000074.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000260.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000077.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000258.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000082.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000256.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000083.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000254.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000086.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000252.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000089.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000247.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000091.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000244.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000094.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000243.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000096.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000241.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000098.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000235.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000103.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000232.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000105.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000231.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000106.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000229.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000109.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000227.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000113.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000224.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000116.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000221.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000120.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000219.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000122.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000217.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000125.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000214.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000128.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000212.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000139.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000210.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000147.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000208.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000149.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000206.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000152.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000203.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000156.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000200.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000161.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000199.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000167.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000196.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000169.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000194.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000172.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000192.MOZ[.bfast.com/]
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000183.MOZ[.bfast.com/]
00148021 Application/FamilyKeylogger HackTools No 0 No No C:\Documents and Settings\Owner\My Documents\Download programs\keylogger-download\HomeKeyLogger-setup.exe[KeyLogger.exe]
00148021 Application/FamilyKeylogger HackTools No 0 Yes No C:\PROGRAM FILES\HOMEKEY\KEYLOGGER.EXE
00148021 Application/FamilyKeylogger HackTools No 0 No No C:\Documents and Settings\Owner\My Documents\Download programs\keylogger-download.zip[HomeKeyLogger-setup.exe][KeyLogger.exe]
00149645 Application/Keylogger-Pro HackTools No 0 No No C:\Documents and Settings\Owner\My Documents\Download programs\keylogger-download.zip[HomeKeyLogger-setup.exe][KeyLogger.Dll]
00149645 Application/Keylogger-Pro HackTools No 0 Yes No C:\Program Files\HomeKey\KeyLogger.Dll
00149645 Application/Keylogger-Pro HackTools No 0 No No C:\Documents and Settings\Owner\My Documents\Download programs\keylogger-download\HomeKeyLogger-setup.exe[KeyLogger.Dll]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000196.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000169.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000199.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000167.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000200.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000161.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000203.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000156.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000206.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000152.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000208.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000149.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000210.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000147.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000212.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000139.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000214.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000128.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000217.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000125.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000219.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000122.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000221.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000120.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000224.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000116.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000227.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000113.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000229.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000109.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000231.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000106.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000232.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000105.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000235.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000103.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000241.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000098.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000243.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000096.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000244.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000094.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000247.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000091.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000252.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000089.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000254.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000195.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000256.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000083.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000258.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000082.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000260.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000077.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000262.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000074.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000263.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000071.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000266.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000069.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000268.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000067.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000270.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000065.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000273.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000062.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000274.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000058.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000278.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000056.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000281.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000053.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000283.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000051.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000291.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000047.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000293.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000042.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000294.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000040.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000297.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000037.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000299.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000021.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000301.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000011.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000306.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000005.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000327.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000371.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000328.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000172.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000333.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000194.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000336.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000183.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000338.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000363.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000340.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000086.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000342.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000192.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000344.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000352.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000346.MOZ[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\cookies.txt[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00000368.MOZ[.com.com/]
00249874 application/alfacleaner HackTools No 0 Yes No c:\documents and settings\owner\application data\skinux
00359582 Application/Keylogger-Pro HackTools No 0 Yes No C:\Documents and Settings\Owner\My Documents\Download programs\keylogger-download\HomeKeyLogger-setup.exe
00359582 Application/Keylogger-Pro HackTools No 0 Yes No C:\Documents and Settings\Owner\My Documents\Download programs\keylogger-download.zip[HomeKeyLogger-setup.exe]
00527204 Application/PRScheduler HackTools No 0 Yes No C:\DOCUMENTS AND SETTINGS\OWNER\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER V3.EXE
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\Documents and Settings\Owner\Desktop\ComboFix.exe[327882R2FWJFW\NirCmdC.cfexe]
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{E2428E38-B8A4-48ED-9563-FAC66F28201E}\RP1315\A0716689.EXE
02930316 Spyware/Virtumonde Spyware No 1 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\iifedcay.dll.vir
02935884 Spyware/Virtumonde Spyware No 1 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\awtSIXPf.dll.vir
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location 4T
;===============================================================================
=================================================================================
===================
No C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\Cache\0525CF10d01
No C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\Cache\05B07F25d01
No C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\Cache\08AE9F3Ed01
No C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\Cache\19AFA2FAd01
No C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\Cache\5A76D385d01
No C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\Cache\68D9B959d01
No C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\Cache\B6224EDFd01
No C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\5ah4ebou.default\Cache\DB22A5ABd01
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description 4T
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
HIJACK THIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:43:50, on 10/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
C:\PROGRA~1\NORTON~3\NORTON~1\NPROTECT.EXE
C:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\BT Auto Backup\VaultClientSRV.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Owner\My Documents\Download programs\BT\BT Voyager 100 ADSL Modem\drivers\WAN Driver\dsldrv\dslagent.exe
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-gb10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.client...fo/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://gb10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.client...arch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://gb10.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [GsiFinal] rundll32 gspndll.dll,postInstall final
O4 - HKLM\..\Run: [HomeKeyLogger] C:\Program Files\HomeKey\KeyLogger.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Documents and Settings\Owner\My Documents\Download programs\BT\BT Voyager 100 ADSL Modem\drivers\WAN Driver\dsldrv\dslagent.exe
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [BTAgile] C:\Program Files\BT Broadband Talk Softphone\BTAgile.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c8.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.../US/install.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebo...Uploader4_5.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Print
Sign In
Create Account
