Scan saved at 11:52:36 AM, on 6/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\RpcS.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\AOL\1135051697\ee\aolsoftware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\ALCWZRD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\HP_Owner\My Documents\HijackThis.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.n...lbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 63.149.98.22:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [anistio] C:\WINDOWS\anistio.exE
O4 - HKLM\..\Run: [issms32] C:\WINDOWS\issms32.exe
O4 - HKLM\..\Run: [ptshell] C:\WINDOWS\ptshell.exe
O4 - HKLM\..\Run: [hefcndy] C:\WINDOWS\hefcndy.exe
O4 - HKLM\..\Run: [dkjfardg] C:\WINDOWS\kfrgpdzm.exe
O4 - HKLM\..\Run: [ticisms] C:\WINDOWS\ticisms.exe
O4 - HKLM\..\Run: [fmsbbqi] C:\WINDOWS\fmsbbqi.exe
O4 - HKLM\..\Run: [tciocp64] C:\WINDOWS\tciocp64.exe
O4 - HKLM\..\Run: [mfchlp64] C:\WINDOWS\mfchlp64.exe
O4 - HKLM\..\Run: [dionpis] C:\WINDOWS\dionpis.exe
O4 - HKLM\..\Run: [fmsiocps] C:\WINDOWS\fmsiocps.exe
O4 - HKLM\..\Run: [bincdwsa] C:\WINDOWS\bincdwsa.exe
O4 - HKLM\..\Run: [fmbiost] C:\WINDOWS\fmbiost.exe
O4 - HKLM\..\Run: [fmsjhif] C:\WINDOWS\fmsjhif.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Startup: HP Organize.lnk = ?
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents and Settings\HP_Owner\Local Settings\Temp\{9E38AB3D-29E6-4FBC-ACA1-ED646AEA8E71}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with BitPump - C:\Program Files\AnalogX\BitPump\ieint.htm
O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\iMacros\imacros.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.co.../sysreqlab3.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.co...ne_Inst_Win.cab
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.co...IEGetPlugin.ocx
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemreq.../sysreqlab2.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yim...ctl_0_0_0_1.ocx
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.co...nstallAsst2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.globalga...ffyLauncher.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.game...inematycoon.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.co.../MathPlayer.cab
O20 - AppInit_DLLs: msosmhfp10.dll,msosdohs04.dll,nicozftp02.dll,fmsiocps.dll,gptryc.dll,tqmnqn.dll,
hgvrjd.dll,pcmwfg.dll,tpeikh.dll,pzpene.dll,gbxsab.dll,jvrkcd.dll,zggoaj.dll,rkgk
bv.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 14752 bytes
Malwarebytes' Anti-Malware 1.15
Database version: 842
10:24:33 AM 6/9/2008
mbam-log-6-9-2008 (10-24-33).txt
Scan type: Quick Scan
Objects scanned: 65058
Time elapsed: 15 minute(s), 35 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 11
Registry Keys Infected: 32
Registry Values Infected: 19
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 56
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\bincdwsa.dll (Trojan.Agent) -> Unloaded module successfully.
C:\WINDOWS\system32\fmsbbqi.dll (Trojan.Agent) -> Unloaded module successfully.
C:\WINDOWS\system32\tciocp64.dll (Spyware.OnlineGames) -> Unloaded module successfully.
C:\WINDOWS\system32\mfchlp64.dll (Spyware.OnlineGames) -> Unloaded module successfully.
C:\WINDOWS\system32\ticisms.dll (Spyware.OnlineGames) -> Unloaded module successfully.
C:\WINDOWS\system32\anistio.dll (Spyware.OnlineGames) -> Unloaded module successfully.
C:\WINDOWS\system32\hefcndy.dll (Spyware.OnlineGames) -> Unloaded module successfully.
C:\WINDOWS\system32\fmbiost.dll (Spyware.OnlineGames) -> Unloaded module successfully.
C:\WINDOWS\system32\issms32.dll (Spyware.OnlineGames) -> Unloaded module successfully.
C:\WINDOWS\system32\dionpis.dll (Spyware.OnlineGames) -> Unloaded module successfully.
C:\WINDOWS\system32\fmsiocps.dll (Spyware.OnLineGames) -> Unloaded module successfully.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{33496778-0658-40bc-8352-a8f884ca282b} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3d30ae-0380-4151-8934-ee98a34b0370} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.tb (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.tb.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msfpfis64 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\msfpfis64 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\msfpfis64 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msfpfis64 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msp2p32 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zftp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c3dd05d-a6a1-4cb5-a714-94be3c3b4cd0} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c064c122-504c-4793-a16c-2b061dd0c774} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msp2p32 (Spyware.OnLineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\msp2p32 (Spyware.OnLineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\msp2p32 (Spyware.OnLineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAVmon.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAVmonD.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPPMain.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQKav.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tqat.exe (Security.Hijack) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\anistio (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\issms32 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ptshell (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dkjfardg (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ticisms (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fmsbbqi (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tciocp64 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dionpis (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bincdwsa (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fmbiost (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fmsjhif (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{33496778-0658-40bc-8352-a8f884ca282b} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{dc3d30ae-0380-4151-8934-ee98a34b0370} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{d60a0b68-ef3a-a1d2-fd09-3a81a121d2b1} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fmsiocps (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hefcndy (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mfchlp64 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{8c3dd05d-a6a1-4cb5-a714-94be3c3b4cd0} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{c064c122-504c-4793-a16c-2b061dd0c774} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\anistio.exE (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\issms32.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\ptshell.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\kfrgpdzm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\ticisms.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\fmsbbqi.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\tciocp64.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\dionpis.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\bincdwsa.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\fmbiost.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\fmsjhif.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\MMKAFNFW1095.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mfdesy.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msosdohs00.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msosdohs01.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msosdohs02.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msosdohs03.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msosdohs04.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\nicozftp00.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nicozftp01.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nicozftp02.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\drivers\msosmsfpfis64.sys (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\nicomsp2p32.sys (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\rdjtvb.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp3F8.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp3F9.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp3FA.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp3FB.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp3FC.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp408.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp40A.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp40B.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp40C.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp40D.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp412.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\tmp41B.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\autorun.inf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bincdwsa.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\fmsbbqi.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\fmsiocps.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\hefcndy.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\mfchlp64.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tciocp64.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\msosmhfp00.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mfchlp64.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\ticisms.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\anistio.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\hefcndy.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\fmbiost.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\issms32.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\dionpis.dll (Spyware.OnlineGames) -> Delete on reboot.
C:\WINDOWS\system32\MMHADPQG1091.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\MMMHXGGD1061.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\msosmsp2p32.sys (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fmsiocps.dll (Spyware.OnLineGames) -> Delete on reboot.
C:\WINDOWS\system32\RpcS.dll (Worm.Rbot) -> Quarantined and deleted successfully.
i keep geeting dll errors like msosdohs04.dll is not a valid windows image and also my youtube doesnt work i download flashplayer and enable javascript but it still doesnt work