unknown malware maybe antivirus 2009? Need some help [CLOSED], unknown malware
dan19666
post Jul 26 2008, 09:28 AM
Post #1


New Member
*
Posts: 8
OS: windows XP



Hi everyone. I have run Kaspersky, AVG, Spybot, and SpywareBlaster. I think I got some of it but something still isn't right. I'm still getting occasional popups and the computer is slow. Could someone PLEASE look at my file? Thank you, Bobbi


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:25:52 AM, on 7/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Documents and Settings\Dan\My Documents\HijackThis.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ebay.com/_W0QQfgtpZ1QQfrppZ2...assZoldstufftwo
F3 - REG:win.ini: load=C:\WINDOWS\system32\ljjgh.exe
O2 - BHO: (no name) - {3E62B6AA-A7BB-4817-9B5F-3D9EE195CC6F} - C:\WINDOWS\system32\wvUkHYrO.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: {4c417e86-592d-2f59-3c74-aac5b168ca5e} - {e5ac861b-5caa-47c3-95f2-d29568e714c4} - C:\WINDOWS\system32\fevvag.dll
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [24db4c3a] rundll32.exe "C:\WINDOWS\system32\dudgtcdc.dll",b
O4 - HKLM\..\Run: [BM27e87fa6] Rundll32.exe "C:\WINDOWS\system32\snxfmvog.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingC4019] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data007.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6001] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7503] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8919] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6226] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9103] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3396] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4173] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5787] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6702] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8100] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8775] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1187] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA996] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6463] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7699] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8359] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7513] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6566] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7108] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4385] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5466] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4363] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5959] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9959] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2071] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3071] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2466] command /c del "C:\WINDOWS\system32\wvUkHYrO.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC717] cmd /c del "C:\WINDOWS\system32\wvUkHYrO.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6532] command /c del "C:\WINDOWS\system32\snxfmvog.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4852] cmd /c del "C:\WINDOWS\system32\snxfmvog.dll_old"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB460] command /c del "C:\Program Files\Performanceoptimizer (Free)\ua_manager.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3854] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\ua_manager.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9659] command /c del "C:\Program Files\Performanceoptimizer (Free)\uninstpo.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8089] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\uninstpo.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2992] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7792] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6454] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2831] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8668] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Sellmosoft Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3198] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Sellmosoft Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5132] command /c del "C:\Program Files\Performanceoptimizer (Free)\install_stat2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD685] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\install_stat2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7120] command /c del "C:\Program Files\Performanceoptimizer (Free)\PerfOpt.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7925] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\PerfOpt.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6814] command /c del "C:\Program Files\Performanceoptimizer (Free)\Performance Optimizer Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3507] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Performance Optimizer Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6830] command /c del "C:\Program Files\Performanceoptimizer (Free)\Sellmosoft Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1809] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Sellmosoft Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5309] command /c del "C:\Program Files\Performanceoptimizer (Free)\sload.sbd"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6788] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\sload.sbd"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2830] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data001.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5462] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data001.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6912] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data003.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9731] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data003.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5437] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data006.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3902] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data006.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2423] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data007.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3576] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data007.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7315] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD451] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1907] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9167] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5339] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9814] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8433] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2409] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2896] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD974] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB517] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7287] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7335] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD261] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1507] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3659] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1844] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5716] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3259] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1216] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4132] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2729] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6579] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9753] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9876] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3160] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Dan\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v43/yacscom.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - http://a.download.toontown.com/sv1.0.25.14/ttinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: urqnomj - urqnomj.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 17587 bytes
Essexboy
post Jul 26 2008, 03:05 PM
Post #2


Global Moderator
Posts: 10,071
From: Darkest Cornwall
OS: Vista Ultimate



Hi there, it appears that Spybot is not able to delete them - so let me have a go :)

QUOTE
While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean.
  • Open Spybot Search & Destroy.
  • In the Mode menu click "Advanced mode" if not already selected.
  • Choose "Yes" at the Warning prompt.
  • Expand the "Tools" menu.
  • Click "Resident".
  • Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
  • In the File menu click "Exit" to exit Spybot Search & Destroy.



Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

F3 - REG:win.ini: load=C:\WINDOWS\system32\ljjgh.exe
O2 - BHO: (no name) - {3E62B6AA-A7BB-4817-9B5F-3D9EE195CC6F} - C:\WINDOWS\system32\wvUkHYrO.dll (file missing)
O2 - BHO: {4c417e86-592d-2f59-3c74-aac5b168ca5e} - {e5ac861b-5caa-47c3-95f2-d29568e714c4} - C:\WINDOWS\system32\fevvag.dll
O4 - HKLM\..\Run: [24db4c3a] rundll32.exe "C:\WINDOWS\system32\dudgtcdc.dll",b
O4 - HKLM\..\Run: [BM27e87fa6] Rundll32.exe "C:\WINDOWS\system32\snxfmvog.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingC4019] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data007.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6001] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7503] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8919] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6226] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9103] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3396] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4173] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5787] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6702] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8100] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8775] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1187] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA996] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6463] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7699] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8359] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7513] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6566] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7108] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4385] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5466] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4363] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5959] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9959] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2071] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3071] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2466] command /c del "C:\WINDOWS\system32\wvUkHYrO.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC717] cmd /c del "C:\WINDOWS\system32\wvUkHYrO.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6532] command /c del "C:\WINDOWS\system32\snxfmvog.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4852] cmd /c del "C:\WINDOWS\system32\snxfmvog.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB460] command /c del "C:\Program Files\Performanceoptimizer (Free)\ua_manager.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3854] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\ua_manager.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9659] command /c del "C:\Program Files\Performanceoptimizer (Free)\uninstpo.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8089] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\uninstpo.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2992] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7792] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6454] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2831] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8668] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Sellmosoft Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3198] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Sellmosoft Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5132] command /c del "C:\Program Files\Performanceoptimizer (Free)\install_stat2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD685] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\install_stat2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7120] command /c del "C:\Program Files\Performanceoptimizer (Free)\PerfOpt.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7925] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\PerfOpt.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6814] command /c del "C:\Program Files\Performanceoptimizer (Free)\Performance Optimizer Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3507] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Performance Optimizer Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6830] command /c del "C:\Program Files\Performanceoptimizer (Free)\Sellmosoft Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1809] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Sellmosoft Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5309] command /c del "C:\Program Files\Performanceoptimizer (Free)\sload.sbd"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6788] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\sload.sbd"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2830] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data001.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5462] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data001.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6912] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data003.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9731] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data003.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5437] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data006.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3902] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data006.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2423] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data007.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3576] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data007.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7315] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD451] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1907] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9167] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5339] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9814] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8433] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2409] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2896] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD974] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB517] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7287] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7335] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD261] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1507] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3659] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1844] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5716] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3259] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1216] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4132] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2729] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6579] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9753] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9876] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3160] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O20 - Winlogon Notify: urqnomj - urqnomj.dll (file missing)


Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

THEN

Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    CODE
    C:\WINDOWS\system32\ljjgh.exe
    C:\WINDOWS\system32\wvUkHYrO.dll
    C:\WINDOWS\system32\fevvag.dll
    C:\WINDOWS\system32\dudgtcdc.dll
    C:\WINDOWS\system32\snxfmvog.dll
    C:\Program Files\Performanceoptimizer (Free)
    C:\WINDOWS\system32\wvUkHYrO.dll_old
    C:\WINDOWS\system32\snxfmvog.dll_old
    C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer
    Purity

  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

FINALLY FOR NOW

Please visit this web page for instructions for downloading and running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

This includes installing the Windows XP Recovery Console in case you have not installed it yet. It is imperative that you install this, as it will enable a system recovery in the event of problems.

For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.

Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. Don't select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.
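A follow-up HijackThis log can be checked against the path list above to see which autostart entries still point at the targeted files. The script below is an added example, not part of the original post or of any tool named in it; the function name `triage`, the status labels and the choice of sample lines (copied from HijackThis lines in this thread) are assumptions made for illustration.

```python
import re

# Paths from the removal list in the post above (the final "Purity" line is
# not a file path and is left out).
REMOVAL_LIST = [
    r"C:\WINDOWS\system32\ljjgh.exe",
    r"C:\WINDOWS\system32\wvUkHYrO.dll",
    r"C:\WINDOWS\system32\fevvag.dll",
    r"C:\WINDOWS\system32\dudgtcdc.dll",
    r"C:\WINDOWS\system32\snxfmvog.dll",
    r"C:\Program Files\Performanceoptimizer (Free)",
    r"C:\WINDOWS\system32\wvUkHYrO.dll_old",
    r"C:\WINDOWS\system32\snxfmvog.dll_old",
    r"C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer",
]

# Sample input: lines copied from the HijackThis logs in this thread.
SAMPLE_LOG = r'''
F3 - REG:win.ini: load=C:\WINDOWS\system32\ljjgh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [24db4c3a] rundll32.exe "C:\WINDOWS\system32\dudgtcdc.dll",b
O4 - HKLM\..\RunOnce: [SpybotDeletingC717] cmd /c del "C:\WINDOWS\system32\wvUkHYrO.dll_old"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: urqnomj - urqnomj.dll (file missing)
'''

# "<section code> - <entry body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# RunOnce entries that only delete a file at next logon (queued by a cleaner)
PENDING_DEL = re.compile(r"RunOnce: \[[^\]]*\] (?:cmd|command) /c del ", re.I)


def _path_patterns(targets):
    # The (?![\w.]) lookahead keeps "x.dll" from matching inside "x.dll_old",
    # while a folder still matches when a backslash and file name follow it.
    # Windows paths are case-insensitive, hence re.I.
    return [(t, re.compile(re.escape(t) + r"(?![\w.])", re.I)) for t in targets]


def triage(log_text, targets=REMOVAL_LIST):
    """Return (section code, status, matched target paths) per flagged entry."""
    patterns = _path_patterns(targets)
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header lines, process list, blank lines
        code, body = m["code"], m["body"]
        hits = tuple(t for t, p in patterns if p.search(body))
        if hits and PENDING_DEL.search(body):
            status = "pending-delete"    # cleanup command, not a launch point
        elif hits:
            status = "still-referenced"  # autostart entry still names a target
        elif body.endswith("(file missing)"):
            status = "orphan"            # registry entry left without its file
        else:
            continue
        findings.append((code, status, hits))
    return findings


if __name__ == "__main__":
    for code, status, hits in triage(SAMPLE_LOG):
        print(f"{code:<4}{status:<18}{', '.join(hits) or '-'}")
```

Entries reported as `still-referenced` are the ones to raise with the helper; `pending-delete` entries are queued deletions and clear themselves after they run.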
dan19666
post Jul 27 2008, 12:59 PM
Post #3


New Member
*
Posts: 8
OS: windows XP



Hi, thanks for your help. I deleted the files off HijackThis. I downloaded OTMoveIt2 by OldTimer, but it won't let me open the file. Windows error. Bobbi
Essexboy
post Jul 27 2008, 02:09 PM
Post #4


Global Moderator
Posts: 10,071
From: Darkest Cornwall
OS: Vista Ultimate



OK, continue on with the ComboFix segment.
dan19666
post Jul 27 2008, 04:06 PM
Post #5


New Member
*
Posts: 8
OS: windows XP



I could not load the recovery operation. This is the log from ComboFix.

ComboFix 08-07-27.2 - Dan 2008-07-27 16:17:19.1 - NTFSx86
Running from: C:\Documents and Settings\Dan\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Dan\Application Data\macromedia\Flash Player\#SharedObjects\SD2ZXNTT\interclick.com
C:\Documents and Settings\Dan\Application Data\macromedia\Flash Player\#SharedObjects\SD2ZXNTT\interclick.com\ud.sol
C:\Documents and Settings\Dan\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Dan\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Program Files\ISM2
C:\Program Files\Performanceoptimizer (Free)
C:\Program Files\Performanceoptimizer (Free)\Download\dbtunezb\Update.exe
C:\WINDOWS\BM27e87fa6.txt
C:\WINDOWS\bundles
C:\WINDOWS\bundles\CSV7P070.exe
C:\WINDOWS\bundles\dealhelper.exe
C:\WINDOWS\bundles\ez_advolt.exe
C:\WINDOWS\bundles\optimizejames.exe
C:\WINDOWS\bundles\Setup.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\Downloaded Program Files\temp
C:\WINDOWS\system\oeminfo.ini
C:\WINDOWS\system32\aprriaov.dll
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\cdctgdud.ini
C:\WINDOWS\system32\cjprofym.ini
C:\WINDOWS\system32\dudgtcdc.dll
C:\WINDOWS\system32\fevvag.dll
C:\WINDOWS\system32\hgjjl.ini
C:\WINDOWS\system32\hgjjl.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\OrYHkUvw.ini
C:\WINDOWS\system32\OrYHkUvw.ini2
C:\WINDOWS\system32\pfmqbpqe.dll
C:\WINDOWS\system32\usqdyqgv.dll
C:\WINDOWS\system32\xybay.ini
C:\WINDOWS\system32\xybay.ini2

.
((((((((((((((((((((((((( Files Created from 2008-06-27 to 2008-07-27 )))))))))))))))))))))))))))))))
.

2008-07-26 10:24 . 2008-07-26 10:24 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-25 11:58 . 2008-07-25 11:59 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-25 11:58 . 2008-07-25 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-24 12:50 . 2008-07-24 12:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-24 12:48 . 2008-07-24 12:48 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-07-24 12:48 . 2008-07-24 12:48 <DIR> d-------- C:\Documents and Settings\Dan\Application Data\SUPERAntiSpyware.com
2008-07-24 12:46 . 2008-07-24 12:46 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-23 19:33 . 2008-07-25 15:42 111,483 --a------ C:\WINDOWS\BM27e87fa6.xml
2008-07-23 19:25 . 2008-07-23 19:25 0 --a------ C:\END
2008-07-05 17:20 . 2008-07-05 17:20 268 --ah----- C:\sqmdata00.sqm
2008-07-05 17:20 . 2008-07-05 17:20 244 --ah----- C:\sqmnoopt00.sqm

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-27 21:06 --------- d-----w C:\Documents and Settings\Dan\Application Data\OpenOffice.org2
2008-07-25 16:53 --------- d-----w C:\Program Files\SpywareBlaster
2008-07-18 01:53 --------- d-----w C:\Program Files\MSN Messenger
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 13:10 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-04 18:18 --------- d-----w C:\Documents and Settings\Dan\Application Data\Image Zone Express
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB460"="command" [X]
"SpybotDeletingD3854"="del" [X]
"SpybotDeletingB9659"="command" [X]
"SpybotDeletingD8089"="del" [X]
"SpybotDeletingB2992"="command" [X]
"SpybotDeletingD7792"="del" [X]
"SpybotDeletingB6454"="command" [X]
"SpybotDeletingD2831"="del" [X]
"SpybotDeletingB8668"="command" [X]
"SpybotDeletingD3198"="del" [X]
"SpybotDeletingB5132"="command" [X]
"SpybotDeletingD685"="del" [X]
"SpybotDeletingB7120"="command" [X]
"SpybotDeletingD7925"="del" [X]
"SpybotDeletingB6814"="command" [X]
"SpybotDeletingD3507"="del" [X]
"SpybotDeletingB6830"="command" [X]
"SpybotDeletingD1809"="del" [X]
"SpybotDeletingB5309"="command" [X]
"SpybotDeletingD6788"="del" [X]
"SpybotDeletingB2830"="command" [X]
"SpybotDeletingD5462"="del" [X]
"SpybotDeletingB6912"="command" [X]
"SpybotDeletingD9731"="del" [X]
"SpybotDeletingB5437"="command" [X]
"SpybotDeletingD3902"="del" [X]
"SpybotDeletingB2423"="command" [X]
"SpybotDeletingD3576"="del" [X]
"SpybotDeletingB7315"="command" [X]
"SpybotDeletingD451"="del" [X]
"SpybotDeletingB1907"="command" [X]
"SpybotDeletingD9167"="del" [X]
"SpybotDeletingB5339"="command" [X]
"SpybotDeletingD9814"="del" [X]
"SpybotDeletingB8433"="command" [X]
"SpybotDeletingD2409"="del" [X]
"SpybotDeletingB2896"="command" [X]
"SpybotDeletingD974"="del" [X]
"SpybotDeletingB517"="command" [X]
"SpybotDeletingD7287"="del" [X]
"SpybotDeletingB7335"="command" [X]
"SpybotDeletingD261"="del" [X]
"SpybotDeletingB1507"="command" [X]
"SpybotDeletingD3659"="del" [X]
"SpybotDeletingB1844"="command" [X]
"SpybotDeletingD5716"="del" [X]
"SpybotDeletingB3259"="command" [X]
"SpybotDeletingD1216"="del" [X]
"SpybotDeletingB4132"="command" [X]
"SpybotDeletingD2729"="del" [X]
"SpybotDeletingB6579"="command" [X]
"SpybotDeletingD9753"="del" [X]
"SpybotDeletingB9876"="command" [X]
"SpybotDeletingD3160"="del" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25 6731312]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 12:18 49152]
"VTPreset"="VTPreset.exe" [2004-02-24 20:17 45056 C:\WINDOWS\system32\VTPreset.exe]
"SoundMan"="SOUNDMAN.EXE" [2002-07-12 00:17 46592 C:\WINDOWS\SOUNDMAN.EXE]
"Mouse Suite 98 Daemon"="ICO.EXE" [2001-08-23 11:23 45056 C:\WINDOWS\system32\ico.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 12:01 88209 C:\WINDOWS\AGRSMMSG.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingC7503"="del" [X]
"SpybotDeletingA8919"="command" [X]
"SpybotDeletingC6226"="del" [X]
"SpybotDeletingA9103"="command" [X]
"SpybotDeletingC3396"="del" [X]
"SpybotDeletingA4173"="command" [X]
"SpybotDeletingC5787"="del" [X]
"SpybotDeletingA6702"="command" [X]
"SpybotDeletingC8100"="del" [X]
"SpybotDeletingA8775"="command" [X]
"SpybotDeletingC1187"="del" [X]
"SpybotDeletingA996"="command" [X]
"SpybotDeletingC6463"="del" [X]
"SpybotDeletingA7699"="command" [X]
"SpybotDeletingC8359"="del" [X]
"SpybotDeletingA7513"="command" [X]
"SpybotDeletingC6566"="del" [X]
"SpybotDeletingA7108"="command" [X]
"SpybotDeletingC4385"="del" [X]
"SpybotDeletingA5466"="command" [X]
"SpybotDeletingC4363"="del" [X]
"SpybotDeletingA5959"="command" [X]
"SpybotDeletingC9959"="del" [X]
"SpybotDeletingA2071"="command" [X]
"SpybotDeletingC3071"="del" [X]
"SpybotDeletingA2466"="command" [X]
"SpybotDeletingC717"="del" [X]
"SpybotDeletingA6532"="command" [X]
"SpybotDeletingC4852"="del" [X]
"SpybotDeletingC4019"="del" [X]
"SpybotDeletingA6001"="command" [X]
"Spybot - Search & Destroy"="C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" [2008-07-07 09:42 4891472]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 11:40:44 282624]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"load"=C:\WINDOWS\system32\ljjgh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"C:\\Program Files\\FileZilla\\filezilla.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Documents and Settings\\Dan\\My Documents\\limewire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R1 pelmouse;Mouse Suite Driver;C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2001-12-13 14:53]
S3 pelps2m;PS/2 Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\pelps2m.sys [2002-01-31 18:28]
.
Contents of the 'Scheduled Tasks' folder
2008-07-26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57]
2008-07-27 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe [2006-04-03 18:12]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-24db4c3a - C:\WINDOWS\system32\dudgtcdc.dll
HKLM-Run-BM27e87fa6 - C:\WINDOWS\system32\snxfmvog.dll
HKLM-Run-windows auto update - (no file)


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://search.ebay.com/_W0QQfgtpZ1QQfrppZ25QQsassZoldstufftwo
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
O8 -: C:\PROGRA~1\COMMON~1\BTLINK\btlink.dll//iemenu
O8 -: &eBay Search - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 -: &Get Gutcheck
O9 -: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Dan\Start Menu\Programs\IMVU\Run IMVU.lnk

O16 -: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

O16 -: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
C:\WINDOWS\Downloaded Program Files\ewidoOnlineScan.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-27 16:40:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\ntvdm.exe
.
**************************************************************************
.
Completion time: 2008-07-27 16:56:01 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-27 21:55:42

Pre-Run: 242,896,896 bytes free
Post-Run: 358,469,632 bytes free

289 --- E O F --- 2008-07-10 08:02:51

This is the HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:05:37 PM, on 7/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ebay.com/_W0QQfgtpZ1QQfrppZ2...assZoldstufftwo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F3 - REG:win.ini: load=C:\WINDOWS\system32\ljjgh.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [24db4c3a] rundll32.exe "C:\WINDOWS\system32\dudgtcdc.dll",b
O4 - HKLM\..\Run: [BM27e87fa6] Rundll32.exe "C:\WINDOWS\system32\snxfmvog.dll",s
O4 - HKLM\..\RunOnce: [SpybotDeletingC7503] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8919] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6226] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data011.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9103] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3396] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data013.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4173] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5787] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data016.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6702] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8100] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data017.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8775] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1187] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data020.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA996] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6463] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data023.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7699] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8359] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data027.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7513] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6566] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data030.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7108] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4385] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data031.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5466] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4363] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data033.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5959] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9959] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data040.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2071] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3071] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data042.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2466] command /c del "C:\WINDOWS\system32\wvUkHYrO.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC717] cmd /c del "C:\WINDOWS\system32\wvUkHYrO.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6532] command /c del "C:\WINDOWS\system32\snxfmvog.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4852] cmd /c del "C:\WINDOWS\system32\snxfmvog.dll_old"
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingC4019] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data007.reg"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6001] command /c del "C:\Program Files\Performanceoptimizer (Free)\Tweaks\data009.reg"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB460] command /c del "C:\Program Files\Performanceoptimizer (Free)\ua_manager.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3854] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\ua_manager.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9659] command /c del "C:\Program Files\Performanceoptimizer (Free)\uninstpo.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8089] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\uninstpo.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2992] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7792] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6454] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2831] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Performance Optimizer.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8668] command /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Sellmosoft Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3198] cmd /c del "C:\Documents and Settings\Dan\Start Menu\Programs\Performance Optimizer\Sellmosoft Home Page.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5132] command /c del "C:\Program Files\Performanceoptimizer (Free)\install_stat2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingD685] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\install_stat2.tmp"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7120] command /c del "C:\Program Files\Performanceoptimizer (Free)\PerfOpt.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7925] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\PerfOpt.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6814] command /c del "C:\Program Files\Performanceoptimizer (Free)\Performance Optimizer Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3507] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Performance Optimizer Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6830] command /c del "C:\Program Files\Performanceoptimizer (Free)\Sellmosoft Home Page.url"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1809] cmd /c del "C:\Program Files\Performanceoptimizer (Free)\Sellmosoft Home