Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware infection w-find and trojan-spy

Started by kjwhitehead , May 10 2005 11:08 PM

  • Please log in to reply

#1
kjwhitehead
Posted 10 May 2005 - 11:08 PM

kjwhitehead

    New Member

  • Member
  • Pip
  • 1 posts
Here is my log file. I also cannot run the Windows Updater and am getting an error that (0x080070424) I can't seem to fix.

Logfile of HijackThis v1.99.1
Scan saved at 1:01:36 AM, on 5/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mocih.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\system32\JXIZQYGN.EXE
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\picsvr\picsvr.exe
C:\windows\system32\taskmg.exe
C:\Program Files\PopUp Killer\popupkiller.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\createcd.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Messenger\msmsgs.exe
C:\wp.exe
C:\windows\gfcxpyx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Laura\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
C:\Program Files\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w-find.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {0AD937E7-2F37-4873-A05E-548A67EF1D0E} - (no file)
O2 - BHO: PowerSearch - {4E7BD74F-2B8D-469E-A3EE-FB7FA682AA7D} - C:\PROGRA~1\POWERS~1\Toolbar\pwrsdfp\pwrsdp1.dll (file missing)
O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - c:\windows\system\BHOmod.dll
O2 - BHO: FlashEnhancer Extnder - {A749B4BC-7621-4a80-9220-D0A283367DD5} - c:\Program Files\Fln\fln.dll
O3 - Toolbar: (no name) - {BDF6CE3D-F5C5-4462-9814-3C8EAC330CA8} - (no file)
O3 - Toolbar: PowerSearch - {4E7BD74F-2B8D-469E-A3EE-FB7FA682AA7D} - C:\PROGRA~1\POWERS~1\Toolbar\pwrsdfp\pwrsdp1.dll (file missing)
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [AOL Instent Messenger] JXIZQYGN.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb01.exe
O4 - HKLM\..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DI2] "C:\DOCUME~1\Laura\LOCALS~1\Temp\27.exe\27.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\system32\picsvr\picsvr.exe
O4 - HKLM\..\Run: [Windows Task Manager] c:\windows\system32\taskmg.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\popupkiller.EXE
O4 - HKLM\..\Run: [FlnCPY] "C:\Program Files\Common Files\Java\flncpy.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\createcd.exe -r
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WindowsFY] c:\wp.exe
O4 - HKCU\..\Run: [amsljrh] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [jxkcmhl] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [mmiegot] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [xoicmtt] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [vxygmmv] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [bwcltcy] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [qtdmiyw] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [fbupmbn] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [gkxmxnc] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [xluwgse] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [vphhcmy] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [rbgjrjp] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [wfslrxv] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [ncdxdoi] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [haokjwo] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [eaxgbll] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [cxcjibc] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [twsrhsr] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [rhoycng] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [hdyegnm] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [sbuxdfn] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [dhtdjww] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [jmekecx] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [sjtloiw] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [hxffuhx] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [lplyqwk] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [dhyvrej] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [abkwalu] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [rfodnpq] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [ubkdaia] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [hmrdmbq] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [kmccygy] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [hqliyib] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [tydvsme] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [nwsdiil] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [bqrllma] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [urhpyku] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [xxhtptn] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [sxkuvqq] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [oabluax] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [fiuaucp] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [cfmivoi] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [ggpojks] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [kcjxtin] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [sqjaxth] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [dmisxuv] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [lnchvhe] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [mewciny] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [tolrumo] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [boegquv] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [xdxoxfv] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [dbcvstx] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [umdyfuf] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [qehlwtx] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [irbyuuq] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [gqgxkai] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [jcmuskr] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [riniuqd] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [hyncdcq] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [brwbtup] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [yvaibrk] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [wjpjmqf] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [kldvakt] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [ymbdmvf] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [avbysqk] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [nnryeed] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [ebrpxte] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [vnypysc] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [tmivekm] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [unpoweo] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [wrpkqvp] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [ogiisoy] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [ibhulay] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [jjnpseh] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [pegfflw] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [fqwaawx] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [mloomyv] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [qxgbksn] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [cukwthj] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [wypixau] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [qajbuek] c:\windows\gfcxpyx.exe
O4 - HKCU\..\Run: [knywiky] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [kyhodxb] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [urvfanw] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [caudnnq] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [voowxmd] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [vsarjoo] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [nhaijym] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [oeukmac] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [mrcvyxj] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [cixktrq] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [lhuwmaj] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [bplogvs] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [qyeovtx] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [iqbpwuh] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [dwsaheq] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [kshapny] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [mmhahal] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [lqfcmrc] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [wkcmeqm] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [jmiamcv] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [oryjuhd] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [nncihwm] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [jviwuxg] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [jcerokj] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [syywqba] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [slqqqet] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [dfjftgq] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [cecrcxm] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [pwkyghy] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [rucygvj] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [ockcivw] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [gkglkuk] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [iudwyrf] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [ppevula] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [jwnoyoa] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [fxbxrps] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [jfoxyic] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [mdijsua] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [hnodgev] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [srbnsnr] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [aeigowo] c:\windows\exkjldr.exe
O4 - HKCU\..\Run: [wjltmpi] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [awcidmy] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [kgjwapy] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [irvqsnb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [hahgfpv] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [tdgjlvv] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [jvlwhik] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ncjwwjx] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [hfjdwxo] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [yonopbr] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [nycggmr] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [bkeqcho] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [pbtyimb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [pbtrmkl] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [eaboxbw] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ybcdvsw] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [fosyabx] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [fmwianj] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [lugqbuq] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [yvmrrxb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [qcniifw] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [bgplqkt] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [adoknsf] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [yyblceg] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [qikgdao] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ufokrpb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [equlbyb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [fitfhyt] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [inmofrm] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ycdfxpn] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ohrxhff] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [cqwvpgx] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [vstgnda] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [amjouuq] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [lgtxmvw] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [jtvexlv] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [txcgyxg] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [gcajcup] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [fijkwaq] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [nodqxun] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [jhyglrd] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [xakmfnl] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [vdkwcyd] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [mojyvnv] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [jhpdqbb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [wtkkrmy] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ebnwpee] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [vsetqyh] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [bwtwgbe] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [uqhwpwr] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [psywdlo] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [iuykpvd] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [vvuejfd] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [uttrayt] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [iakyehg] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [fqgmrhc] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [vtnyerx] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [uixikyx] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [vgahiyy] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [xedtaho] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [dhdkepb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ytbocmi] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [knhavpi] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [goopgok] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [fkgkpdj] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [eyqjtpr] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ktdyyrv] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [asfudcu] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [lmshdqx] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [jnmjubb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [wwpekxs] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [fefhuyk] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [qqqmxba] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [dtgosls] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [wdbrunu] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [sjlrivb] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [gtghjsc] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [yysgrml] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ycxeeop] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [ruefbyv] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [btynkbr] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [xttjxba] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [qbstfvf] c:\windows\sqfipmm.exe
O4 - HKCU\..\Run: [eritrst] c:\windows\uucvvrm.exe
O4 - HKCU\..\Run: [hehbhvg] c:\windows\triyudu.exe
O4 - HKCU\..\Run: [rcuhjix] c:\windows\yndpinh.exe
O4 - HKCU\..\Run: [dalutec] c:\windows\yndpinh.exe
O4 - HKCU\..\Run: [nyykayq] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [nadqoty] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [biypysk] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [grljptn] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [pxbqcbx] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [asmwjgw] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [tvcqxbn] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [tyhovef] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [lixnuoe] c:\windows\joutnfu.exe
O4 - HKCU\..\Run: [pylaueh] c:\windows\fusuotb.exe
O4 - HKCU\..\Run: [btofand] c:\windows\fusuotb.exe
O4 - HKCU\..\Run: [jppwcri] c:\windows\fusuotb.exe
O4 - HKCU\..\Run: [yoppbpq] c:\windows\fusuotb.exe
O4 - HKCU\..\Run: [cbmaivm] c:\windows\fusuotb.exe
O4 - HKCU\..\Run: [bubwwew] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [rakgrqw] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [mjxfcme] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [iecdynu] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [vrqgjdr] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [saxykte] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [uoawnrm] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [wxrurpt] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [trxbvjj] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [gildkpf] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [cwwsybv] c:\windows\axptdfj.exe
O4 - HKCU\..\Run: [tecxfxg] c:\windows\xlxselm.exe
O4 - HKCU\..\Run: [mciilpr] c:\windows\xlxselm.exe
O4 - HKCU\..\Run: [wchnffh] c:\windows\hmjhxhg.exe
O4 - HKCU\..\Run: [tbqhxjy] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [qxxmnlq] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [yqxaqwe] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [jywuibv] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [guftsec] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [rxvpyje] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [mxmemxp] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [wteawkk] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [gqcvjiu] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [ltqtrvx] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [qhldigd] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [jvnswme] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [wivqgkq] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [hhheugt] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [swffttu] c:\windows\bswriok.exe
O4 - HKCU\..\Run: [gdgobub] c:\windows\ewkcobv.exe
O4 - HKCU\..\Run: [oybdbjf] c:\windows\ewkcobv.exe
O4 - HKCU\..\Run: [fkcjiaw] c:\windows\ewkcobv.exe
O4 - HKCU\..\Run: [rorqhxv] c:\windows\ewkcobv.exe
O4 - HKCU\..\Run: [kgcnoum] c:\windows\ewkcobv.exe
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKCU\..\RunOnce: [AOL Instent Messenger] JXIZQYGN.EXE
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: SirSearch - file://C:\Program Files\PWRSDP1\Cache\SelectedContextSearch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {F1CAC152-C5C2-4327-9929-DCF0B25E14CF} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F1CAC152-C5C2-4327-9929-DCF0B25E14CF} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/i...etup1.0.0.8.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {3DFDD8B7-B38D-6C38-F335-448D2A42AEE4} - http://69.50.182.94/1/rdgUS1882.exe
O16 - DPF: {87067F04-DE4C-4688-BC3C-4FCF39D609E7} - http://download.webs...07/QDow_AS2.cab
O16 - DPF: {C0B285F6-DB2B-4908-9C58-F6D95397D747} - http://www.pacimedia...ll/pcs_0025.exe
O16 - DPF: {C4DD6732-1E82-4AE7-BD94-180331B84082} (DeltaCVX Control) - http://www.mathxl.co...ts/deltacvx.cab
O23 - Service: Trace network connections (ACCRA) - Unknown owner - C:\WINDOWS\system32\mocih.exe
O23 - Service: Loading Outpost Connections (KDE) - Unknown owner - C:\WINDOWS\system32\cmdtel.exe (file missing)
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WUSB54Gv2SVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv2.exe (file missing)
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP