Scan saved at 5:22:01 PM, on 10/12/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\command32.exe
C:\WINDOWS\System32\ifxsglqpyd.exe
C:\WINDOWS\System32\taskmrg.exe
C:\WINDOWS\System32\sygs.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\System32\MSupdate.exe
C:\WINDOWS\System32\svhost.exe
C:\Program Files\Messenger\msmsgs.exe
c:\kknjjo.exe
c:\tsahno.exe
c:\tsahno.exe
c:\jeaajjo.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Documents and Settings\shivana\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotf...count_id=152839
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotf...count_id=152839
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotf...count_id=152839
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 53.dll
O4 - HKLM\..\Run: [candy] command32.exe
O4 - HKLM\..\Run: [WindowsRegKey update] ifxsglqpyd.exe
O4 - HKLM\..\Run: [Microsoft DirectX] wuamgrd.exe
O4 - HKLM\..\Run: [Start Upping] taskmrg.exe
O4 - HKLM\..\Run: [B0681EE1] C:\WINDOWS\System32\jvsgl.exe
O4 - HKLM\..\Run: [Auto updat] SysDebug.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [cupsthqwcdcw] C:\WINDOWS\System32\gdssndio.exe
O4 - HKLM\..\Run: [conscorr] C:\WINDOWS\conscorr.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [Sygates Personal Firewall] sygs.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\Run: [Microsoft Update] MSupdate.exe
O4 - HKLM\..\Run: [Microsoft AutoUpdater] svhost.exe
O4 - HKLM\..\RunServices: [candy] command32.exe
O4 - HKLM\..\RunServices: [WindowsRegKey update] ifxsglqpyd.exe
O4 - HKLM\..\RunServices: [Microsoft DirectX] wuamgrd.exe
O4 - HKLM\..\RunServices: [Start Upping] taskmrg.exe
O4 - HKLM\..\RunServices: [D86A36CF] C:\WINDOWS\System32\jvsgl.exe
O4 - HKLM\..\RunServices: [Auto updat] SysDebug.exe
O4 - HKLM\..\RunServices: [Sygates Personal Firewall] sygs.exe
O4 - HKLM\..\RunServices: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\RunServices: [Microsoft Update] MSupdate.exe
O4 - HKLM\..\RunServices: [Microsoft AutoUpdater] svhost.exe
O4 - HKLM\..\RunOnce: [Auto updat] SysDebug.exe
O4 - HKCU\..\Run: [WindowsRegKey update] ifxsglqpyd.exe
O4 - HKCU\..\Run: [Microsoft DirectX] wuamgrd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Start Upping] taskmrg.exe
O4 - HKCU\..\Run: [Auto updat] SysDebug.exe
O4 - HKCU\..\Run: [Sygates Personal Firewall] sygs.exe
O4 - HKCU\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKCU\..\Run: [Microsoft Update] MSupdate.exe
O4 - HKCU\..\Run: [Microsoft AutoUpdater] svhost.exe
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windup...839302c61fb4d2c
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolba...006_regular.cab