Logfile of HijackThis v1.97.7
Scan saved at 1:56:59 AM, on 9/7/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
C:\Program Files\Winamp\Winampa.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\ndgqcau.exe
C:\WINDOWS\sosxfa.exe
C:\WINDOWS\bdmiaklho.exe
C:\WINDOWS\pxukokhcd.exe
C:\WINDOWS\hzefd.exe
C:\WINDOWS\pgwwduai.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\WINDOWS\iancakkpg.exe
C:\WINDOWS\eeyy.exe
C:\WINDOWS\brcvmcbh.exe
C:\WINDOWS\knskm.exe
C:\WINDOWS\xurfuuyvx.exe
C:\WINDOWS\hclxwzble.exe
C:\WINDOWS\olym.exe
C:\WINDOWS\zlgvz.exe
C:\WINDOWS\homhgk.exe
C:\WINDOWS\wnmomq.exe
C:\WINDOWS\ydfrcpjw.exe
C:\WINDOWS\miluozz.exe
C:\WINDOWS\xhtcvkyf.exe
C:\WINDOWS\vrcsyh.exe
C:\WINDOWS\stscgzpe.exe
C:\WINDOWS\sswqrsks.exe
C:\WINDOWS\sryjkpum.exe
C:\WINDOWS\carcmux.exe
C:\WINDOWS\rogpdbjac.exe
C:\WINDOWS\awaifglr.exe
C:\WINDOWS\nftvklq.exe
C:\WINDOWS\aqlwxg.exe
C:\WINDOWS\wdvapr.exe
C:\WINDOWS\oyyaplu.exe
C:\WINDOWS\eebe.exe
C:\WINDOWS\rtxb.exe
C:\WINDOWS\dsavcnw.exe
C:\WINDOWS\nbstmvo.exe
C:\WINDOWS\tzaln.exe
C:\WINDOWS\vqhsgnkhz.exe
C:\WINDOWS\nntd.exe
C:\WINDOWS\wbpjt.exe
C:\WINDOWS\rxedva.exe
C:\WINDOWS\gsckxj.exe
C:\WINDOWS\ydkr.exe
C:\WINDOWS\qyaqkh.exe
C:\WINDOWS\ourzi.exe
C:\WINDOWS\lxjcke.exe
C:\WINDOWS\jqime.exe
C:\WINDOWS\qlbzusmdi.exe
C:\WINDOWS\ggxmdfipt.exe
C:\WINDOWS\qnvsqdgui.exe
C:\WINDOWS\naunesz.exe
C:\WINDOWS\qmxmjzrpa.exe
C:\WINDOWS\flcur.exe
C:\WINDOWS\xvopqihwu.exe
C:\WINDOWS\ixftwlk.exe
C:\WINDOWS\grgvauwdv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\aanb.exe
C:\WINDOWS\aanb.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Carly Zimmermann\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://education.dellnet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
O1 - Hosts: 12.129.205.209 search.netscape.com
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll
O2 - BHO: (no name) - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\Program Files\Bargain Buddy\bin\apuc.dll
O2 - BHO: (no name) - {D05EDEA3-E273-4672-83B4-5FC65C531A20} - C:\WINDOWS\afraevb.dll
O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [eghvx] C:\WINDOWS\orvtw.exe
O4 - HKLM\..\Run: [vyzmfij] C:\WINDOWS\ndgqcau.exe
O4 - HKLM\..\Run: [icxqpipw] C:\WINDOWS\sosxfa.exe
O4 - HKLM\..\Run: [OSS] C:\WINDOWS\SYSTEM32\ossproxy.exe -boot
O4 - HKLM\..\Run: [qtkqzku] C:\WINDOWS\bdmiaklho.exe
O4 - HKLM\..\Run: [duohkxsl] C:\WINDOWS\pxukokhcd.exe
O4 - HKLM\..\Run: [egobmhp] C:\WINDOWS\hzefd.exe
O4 - HKLM\..\Run: [lvzmd] C:\WINDOWS\pgwwduai.exe
O4 - HKLM\..\Run: [gioriaaw] C:\WINDOWS\iancakkpg.exe
O4 - HKLM\..\Run: [imouwwrzb] C:\WINDOWS\eeyy.exe
O4 - HKLM\..\Run: [rnlj] C:\WINDOWS\brcvmcbh.exe
O4 - HKLM\..\Run: [ogvhwwunf] C:\WINDOWS\knskm.exe
O4 - HKLM\..\Run: [dwoytcrm] C:\WINDOWS\xurfuuyvx.exe
O4 - HKLM\..\Run: [yighkc] C:\WINDOWS\hclxwzble.exe
O4 - HKLM\..\Run: [oweqehjw] C:\WINDOWS\olym.exe
O4 - HKLM\..\Run: [uqoq] C:\WINDOWS\zlgvz.exe
O4 - HKLM\..\Run: [jalkj] C:\WINDOWS\homhgk.exe
O4 - HKLM\..\Run: [ntlvzhbe] C:\WINDOWS\wnmomq.exe
O4 - HKLM\..\Run: [gwftohgq] C:\WINDOWS\ydfrcpjw.exe
O4 - HKLM\..\Run: [vubiddhb] C:\WINDOWS\miluozz.exe
O4 - HKLM\..\Run: [gyyoelxr] C:\WINDOWS\xhtcvkyf.exe
O4 - HKLM\..\Run: [qkkxuzcd] C:\WINDOWS\vrcsyh.exe
O4 - HKLM\..\Run: [nmfdg] C:\WINDOWS\stscgzpe.exe
O4 - HKLM\..\Run: [nlhwafl] C:\WINDOWS\sswqrsks.exe
O4 - HKLM\..\Run: [nlitl] C:\WINDOWS\sryjkpum.exe
O4 - HKLM\..\Run: [oegv] C:\WINDOWS\carcmux.exe
O4 - HKLM\..\Run: [xdtduvsh] C:\WINDOWS\rogpdbjac.exe
O4 - HKLM\..\Run: [isqlnl] C:\WINDOWS\awaifglr.exe
O4 - HKLM\..\Run: [muanpsohh] C:\WINDOWS\nftvklq.exe
O4 - HKLM\..\Run: [ayxdtx] C:\WINDOWS\aqlwxg.exe
O4 - HKLM\..\Run: [pvitdx] C:\WINDOWS\wdvapr.exe
O4 - HKLM\..\Run: [anuijnvlv] C:\WINDOWS\oyyaplu.exe
O4 - HKLM\..\Run: [ycpgwn] C:\WINDOWS\eebe.exe
O4 - HKLM\..\Run: [fhvvhuj] C:\WINDOWS\rtxb.exe
O4 - HKLM\..\Run: [kwatyjoi] C:\WINDOWS\dsavcnw.exe
O4 - HKLM\..\Run: [amwfuij] C:\WINDOWS\nbstmvo.exe
O4 - HKLM\..\Run: [jvigt] C:\WINDOWS\tzaln.exe
O4 - HKLM\..\Run: [fyfbc] C:\WINDOWS\vqhsgnkhz.exe
O4 - HKLM\..\Run: [hulwmigf] C:\WINDOWS\nntd.exe
O4 - HKLM\..\Run: [vnufqcg] C:\WINDOWS\wbpjt.exe
O4 - HKLM\..\Run: [uvjg] C:\WINDOWS\rxedva.exe
O4 - HKLM\..\Run: [bxtmeh] C:\WINDOWS\gsckxj.exe
O4 - HKLM\..\Run: [vcnhbe] C:\WINDOWS\ydkr.exe
O4 - HKLM\..\Run: [gnjht] C:\WINDOWS\qyaqkh.exe
O4 - HKLM\..\Run: [axakiwh] C:\WINDOWS\ourzi.exe
O4 - HKLM\..\Run: [fooxi] C:\WINDOWS\lxjcke.exe
O4 - HKLM\..\Run: [rzspyrkrt] C:\WINDOWS\jqime.exe
O4 - HKLM\..\Run: [tuezaf] C:\WINDOWS\qlbzusmdi.exe
O4 - HKLM\..\Run: [abdqhjya] C:\WINDOWS\ggxmdfipt.exe
O4 - HKLM\..\Run: [vqouon] C:\WINDOWS\qnvsqdgui.exe
O4 - HKLM\..\Run: [smvgq] C:\WINDOWS\naunesz.exe
O4 - HKLM\..\Run: [urlejc] C:\WINDOWS\qmxmjzrpa.exe
O4 - HKLM\..\Run: [svcu] C:\WINDOWS\flcur.exe
O4 - HKLM\..\Run: [duuh] C:\WINDOWS\xvopqihwu.exe
O4 - HKLM\..\Run: [krmx] C:\WINDOWS\ixftwlk.exe
O4 - HKLM\..\Run: [180ax] c:\windows\180ax.exe
O4 - HKLM\..\Run: [CashBack] C:\Program Files\CashBack\bin\cashback.exe
O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe
O4 - HKLM\..\Run: [upyzbr] C:\WINDOWS\grgvauwdv.exe
O4 - HKLM\..\Run: [vbqfx] C:\WINDOWS\aanb.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - Startup: Virtual Bouncer.lnk = C:\Program Files\VBouncer\VirtualBouncer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab