So I scanned Vundo and Deckard but the Potential Error still comes up?
VundoFix V6.7.7
Checking Java version...
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Scan started at 2:09:02 AM 1/19/2008
Listing files found while scanning....
Beginning removal...
Attempting to delete C:\WINDOWS\system32\aabvkivq.dll
C:\WINDOWS\system32\aabvkivq.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\abjdndtv.dll
C:\WINDOWS\system32\abjdndtv.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\aexjbcgc.dll
C:\WINDOWS\system32\aexjbcgc.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\agyflvyc.ini
C:\WINDOWS\system32\agyflvyc.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\alrjcuyy.dll
C:\WINDOWS\system32\alrjcuyy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\atpuymti.dll
C:\WINDOWS\system32\atpuymti.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\besaagxt.dll
C:\WINDOWS\system32\besaagxt.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\bswcmxeo.dll
C:\WINDOWS\system32\bswcmxeo.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cdtiokro.dll
C:\WINDOWS\system32\cdtiokro.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cipvsgxx.dll
C:\WINDOWS\system32\cipvsgxx.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ciqvfhsk.dll
C:\WINDOWS\system32\ciqvfhsk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cjlakncp.dll
C:\WINDOWS\system32\cjlakncp.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cpjdbmul.dll
C:\WINDOWS\system32\cpjdbmul.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cviarolk.dll
C:\WINDOWS\system32\cviarolk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cyvlfyga.dll
C:\WINDOWS\system32\cyvlfyga.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\daauchfr.dll
C:\WINDOWS\system32\daauchfr.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ddcyy.dll
C:\WINDOWS\system32\ddcyy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\dlxplnnh.dll
C:\WINDOWS\system32\dlxplnnh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\drravhae.dll
C:\WINDOWS\system32\drravhae.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\dssqoqer.dll
C:\WINDOWS\system32\dssqoqer.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ejuenofb.dll
C:\WINDOWS\system32\ejuenofb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\emdamxrq.dll
C:\WINDOWS\system32\emdamxrq.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\esbetnid.dll
C:\WINDOWS\system32\esbetnid.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\etgbrxhd.dll
C:\WINDOWS\system32\etgbrxhd.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\fbxgfscr.dll
C:\WINDOWS\system32\fbxgfscr.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\fgtpsbax.dll
C:\WINDOWS\system32\fgtpsbax.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\frauakyw.dll
C:\WINDOWS\system32\frauakyw.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\fwnyxxuh.dll
C:\WINDOWS\system32\fwnyxxuh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\gebyw.dll
C:\WINDOWS\system32\gebyw.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\geebb.dll
C:\WINDOWS\system32\geebb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ggqejsop.dll
C:\WINDOWS\system32\ggqejsop.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ghhugfdd.dll
C:\WINDOWS\system32\ghhugfdd.dll Has been deleted!
Attempting to delete C:\windows\system32\ghwohqen.dllbox
C:\windows\system32\ghwohqen.dllbox Has been deleted!
Attempting to delete C:\WINDOWS\system32\gvqwajrc.dll
C:\WINDOWS\system32\gvqwajrc.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\gyhtaejx.dll
C:\WINDOWS\system32\gyhtaejx.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hdqbgbyx.dll
C:\WINDOWS\system32\hdqbgbyx.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\heimesfo.dll
C:\WINDOWS\system32\heimesfo.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hkvuoelg.dll
C:\WINDOWS\system32\hkvuoelg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hxilmoqy.dll
C:\WINDOWS\system32\hxilmoqy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\idbrcqpq.dll
C:\WINDOWS\system32\idbrcqpq.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\iqmdxyyf.dll
C:\WINDOWS\system32\iqmdxyyf.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\irqmekys.dll
C:\WINDOWS\system32\irqmekys.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\iyoyhmlj.dll
C:\WINDOWS\system32\iyoyhmlj.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jejgnped.dll
C:\WINDOWS\system32\jejgnped.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jjgvmrvi.dll
C:\WINDOWS\system32\jjgvmrvi.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jlkkvmns.dll
C:\WINDOWS\system32\jlkkvmns.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kdkthqwf.dll
C:\WINDOWS\system32\kdkthqwf.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kgnkllwh.dll
C:\WINDOWS\system32\kgnkllwh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kgutlpvh.dll
C:\WINDOWS\system32\kgutlpvh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kigymwnj.dll
C:\WINDOWS\system32\kigymwnj.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kikeomux.dll
C:\WINDOWS\system32\kikeomux.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kknaoweb.dll
C:\WINDOWS\system32\kknaoweb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\koikleir.dll
C:\WINDOWS\system32\koikleir.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kuckotkf.dll
C:\WINDOWS\system32\kuckotkf.dll Has been deleted!
Attempting to delete C:\WINDOWS\SYSTEM32\KUFLMASU.DLL
C:\WINDOWS\SYSTEM32\KUFLMASU.DLL Could not be deleted.
Attempting to delete C:\windows\system32\kuflmasu.dllbox
C:\windows\system32\kuflmasu.dllbox Has been deleted!
Attempting to delete C:\WINDOWS\system32\kvabcwbv.dll
C:\WINDOWS\system32\kvabcwbv.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kymjibvb.dll
C:\WINDOWS\system32\kymjibvb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lftrtjle.dll
C:\WINDOWS\system32\lftrtjle.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lmokvjwe.dll
C:\WINDOWS\system32\lmokvjwe.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lpcwhnva.dll
C:\WINDOWS\system32\lpcwhnva.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lradncog.dll
C:\WINDOWS\system32\lradncog.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lroiyigv.dll
C:\WINDOWS\system32\lroiyigv.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\midelogn.dll
C:\WINDOWS\system32\midelogn.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\mnwtylio.dll
C:\WINDOWS\system32\mnwtylio.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\mtareebn.dll
C:\WINDOWS\system32\mtareebn.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\nnwodpak.dll
C:\WINDOWS\system32\nnwodpak.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\nohwxdwh.dll
C:\WINDOWS\system32\nohwxdwh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\nyumoxpr.dll
C:\WINDOWS\system32\nyumoxpr.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ovlarguk.dll
C:\WINDOWS\system32\ovlarguk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\pgndrtup.dll
C:\WINDOWS\system32\pgndrtup.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\phmojery.dll
C:\WINDOWS\system32\phmojery.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\pjuatbjd.dll
C:\WINDOWS\system32\pjuatbjd.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\pteyomma.dll
C:\WINDOWS\system32\pteyomma.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\qdoyorru.dll
C:\WINDOWS\system32\qdoyorru.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\qrnmffii.dll
C:\WINDOWS\system32\qrnmffii.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\qtpelrrd.dll
C:\WINDOWS\system32\qtpelrrd.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\qvikvbaa.ini
C:\WINDOWS\system32\qvikvbaa.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\rkpcufsn.dll
C:\WINDOWS\system32\rkpcufsn.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\rsnnvnrk.dll
C:\WINDOWS\system32\rsnnvnrk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\rvtdwbhi.dll
C:\WINDOWS\system32\rvtdwbhi.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\sbsccetu.dll
C:\WINDOWS\system32\sbsccetu.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\sesxuadp.dll
C:\WINDOWS\system32\sesxuadp.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\somqseqe.dll
C:\WINDOWS\system32\somqseqe.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\syrhlaiw.dll
C:\WINDOWS\system32\syrhlaiw.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\txlhsnmw.dll
C:\WINDOWS\system32\txlhsnmw.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ucucnhhh.dll
C:\WINDOWS\system32\ucucnhhh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ufhoqlrd.dll
C:\WINDOWS\system32\ufhoqlrd.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\upqpguvi.dll
C:\WINDOWS\system32\upqpguvi.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\uspfxpdy.dll
C:\WINDOWS\system32\uspfxpdy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\veefvmxe.dll
C:\WINDOWS\system32\veefvmxe.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\vhsivsic.dll
C:\WINDOWS\system32\vhsivsic.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\vucqvwuu.dll
C:\WINDOWS\system32\vucqvwuu.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\vxflihyb.dll
C:\WINDOWS\system32\vxflihyb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\wcpffpxu.dll
C:\WINDOWS\system32\wcpffpxu.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\wpsvsliv.dll
C:\WINDOWS\system32\wpsvsliv.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\wrravsmg.dll
C:\WINDOWS\system32\wrravsmg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\wsdwfilg.dll
C:\WINDOWS\system32\wsdwfilg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\wtasgnke.dll
C:\WINDOWS\system32\wtasgnke.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\xdvwehxy.dll
C:\WINDOWS\system32\xdvwehxy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\xgrtrygq.dll
C:\WINDOWS\system32\xgrtrygq.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\xvshixaf.dll
C:\WINDOWS\system32\xvshixaf.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\yafvhyms.dll
C:\WINDOWS\system32\yafvhyms.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ydoetatr.dll
C:\WINDOWS\system32\ydoetatr.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\yoosvokf.dll
C:\WINDOWS\system32\yoosvokf.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ypcsqmys.dll
C:\WINDOWS\system32\ypcsqmys.dll Has been deleted!
Attempting to delete C:\windows\system32\zymduibe.dllbox
C:\windows\system32\zymduibe.dllbox Has been deleted!
Performing Repairs to the registry.
Done!
Deckard's System Scanner v20071014.68
Run by Stephanie Rainey on 2008-01-19 10:14:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
102: 2008-01-19 15:14:49 UTC - RP200 - Deckard's System Scanner Restore Point
101: 2008-01-19 07:18:07 UTC - RP199 - Installed SUPERAntiSpyware Free Edition
100: 2008-01-18 18:18:52 UTC - RP198 - p
99: 2008-01-18 18:17:37 UTC - RP197 - Restore Operation
98: 2008-01-18 16:46:24 UTC - RP196 - Restore Operation
-- First Restore Point --
1: 2007-11-26 00:48:12 UTC - RP99 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Stephanie Rainey.exe) ------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-19 10:20:51
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
C:\Program Files\McAfee\VirusScan\Mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\Program Files\McAfee\MSK\msksrver.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\McAfee\MWL\MwlSvc.exe
C:\Program Files\McAfee\VirusScan\mcsysmon.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\explorer.exe
C:\Program Files\McAfee\MWL\MwlGui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\MarkAny\ContentSafer\MaAgent.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\StorageProtector\strpmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Documents and Settings\Stephanie Rainey\Local Settings\Temporary Internet Files\Content.IE5\74LT9W3B\dss[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061229
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061229
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O2 - BHO: {ba410a14-f145-b7ab-50f4-543cce3c0722} - {2270c3ec-c345-4f05-ba7b-541f41a014ab} - C:\WINDOWS\system32\kigymwnj.dll (file missing)
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: BndShell3 BHO Class - {875A1348-7674-42aa-ADAC-B4F36A004A2D} - C:\PROGRAM FILES\QDRDRIVE\QDRDRIVE8.DLL (file missing)
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\kuflmasu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [EarthLink Installer] " /C
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [MWLExe] C:\Program Files\Mcafee\MWL\MWLGui.exe /Start
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\StorageProtector\strpmon.exe" dm=http://storageprotector.com ad=http://storageprotector.com sd=http://inspaid.storageprotector.com
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://turbotax.com (HKCU)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfar...p1.0.0.15-3.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1005.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: kuflmasu - C:\WINDOWS\system32\kuflmasu.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\dtqpdonf.exe /service
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\logishrd\SrvLnch\SrvLnch.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe
O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\msksrver.exe
O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\McAfee\MWL\MwlSvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\system32\WLTRYSVC.EXE
--
End of file - 13421 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------
backup-20080119-020335-698 O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
backup-20080119-020433-147 O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
backup-20080119-021215-164 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
backup-20080119-021216-452 O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
backup-20080119-021217-610 O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R3 DSproct - c:\program files\dell support\gtaction\triggers\dsproct.sys <Not Verified; GTek Technologies Ltd.; processt>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 SFilter (PCTools Driver) - c:\windows\system32\drivers\pctfw.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 NICCONFIGSVC - c:\program files\dell\quickset\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
S2 Automatic LiveUpdate Scheduler - "c:\program files\symantec\liveupdate\aluschedulersvc.exe" (file missing)
S2 DomainService - c:\windows\system32\dtqpdonf.exe /service (file missing)
S3 LiveUpdate - "c:\progra~1\symantec\liveup~1\lucoms~2.exe" (file missing)
S3 MSControlService (Microsoft cache control) - c:\windows\system32\windows
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-01-08 18:01:20 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-12-02 18:12:58 286 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2007-12-02 18:12:57 378 --a------ C:\WINDOWS\Tasks\McQcTask.job
-- Files created between 2007-12-19 and 2008-01-19 -----------------------------
2008-01-19 02:54:17 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2008-01-19 02:20:03 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-19 02:18:14 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-19 02:18:10 0 d-------- C:\Documents and Settings\Stephanie Rainey\Application Data\SUPERAntiSpyware.com
2008-01-19 02:17:36 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-19 02:09:02 0 d-------- C:\VundoFix Backups
2008-01-19 01:54:49 165472 --a------ C:\WINDOWS\system32\rlvoivyd.dll
2008-01-19 01:27:49 165472 --a------ C:\WINDOWS\system32\yxqbdtir.dll
2008-01-18 23:33:37 165472 --a------ C:\WINDOWS\system32\cgrdhduu.dll
2008-01-18 19:11:00 7168 --a------ C:\WINDOWS\system32\windows
2008-01-18 17:25:14 165472 --a------ C:\WINDOWS\system32\sghmqbwp.dll
2008-01-18 17:14:18 0 d-------- C:\Documents and Settings\Stephanie Rainey\Application Data\storageprotector
2008-01-18 17:09:18 0 dr------- C:\Documents and Settings\All Users\Application Data\storageprotector
2008-01-18 17:09:08 0 dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
2008-01-18 17:08:54 0 d-------- C:\Program Files\Common Files\StorageProtector
2008-01-18 17:08:53 0 d-------- C:\Program Files\StorageProtector
2008-01-18 14:10:27 165472 --a------ C:\WINDOWS\system32\qlrrhasd.dll
2008-01-18 13:34:48 165472 --a------ C:\WINDOWS\system32\meixpslp.dll
2008-01-18 12:49:11 165472 --a------ C:\WINDOWS\system32\stsxvoii.dll
2008-01-16 17:06:46 4456448 --a------ C:\Documents and Settings\Stephanie Rainey\ntuser.dat
2008-01-16 16:08:56 76864 --a------ C:\WINDOWS\system32\wnccrjps.dll
2008-01-16 15:25:15 76864 --a------ C:\WINDOWS\system32\xkdvkhcv.dll
2008-01-16 14:39:02 76864 --a------ C:\WINDOWS\system32\nbjwkoyc.dll
2008-01-16 14:09:36 76864 --a------ C:\WINDOWS\system32\mqmiwycf.dll
2008-01-16 13:37:21 76864 --a------ C:\WINDOWS\system32\tfwiuxhu.dll
2008-01-16 13:10:37 76864 --a------ C:\WINDOWS\system32\qjawmgjf.dll
2008-01-14 23:28:55 213897 ---hs---- C:\WINDOWS\system32\bbeeg.ini2
2008-01-14 21:59:42 61440 --a------ C:\WINDOWS\system32\KPower.dll <Not Verified; Intel Corporation; KPOWER>
2008-01-14 21:59:17 16128 --a------ C:\WINDOWS\system32\drivers\APPDRV.SYS <Not Verified; Dell Inc; Application Driver>
2008-01-14 21:57:47 0 d-------- C:\Program Files\Modem Helper
2008-01-13 22:42:47 0 d-------- C:\Documents and Settings\Stephanie Rainey\Application Data\McAfee
2008-01-09 22:02:33 79936 --a------ C:\WINDOWS\system32\gnvesogi.dll
2008-01-09 21:08:29 79936 --a------ C:\WINDOWS\system32\jtoyoqrb.dll
2008-01-09 19:52:04 79936 --a------ C:\WINDOWS\system32\inaunhae.dll
2008-01-09 19:10:58 79936 --a------ C:\WINDOWS\system32\mfqgjkwp.dll
2008-01-09 18:52:19 79936 --a------ C:\WINDOWS\system32\bauggrcl.dll
2008-01-09 15:42:48 79936 --a------ C:\WINDOWS\system32\feowyrfg.dll
2008-01-09 14:56:22 79936 --a------ C:\WINDOWS\system32\mpoxjmau.dll
2008-01-06 20:46:15 75840 --a------ C:\WINDOWS\system32\hqcjvkyh.dll
2008-01-06 20:27:52 75840 --a------ C:\WINDOWS\system32\eehdvubg.dll
2008-01-06 19:57:41 75840 --a------ C:\WINDOWS\system32\fkmxlfyx.dll
2008-01-06 19:38:00 75840 --a------ C:\WINDOWS\system32\rbvgpxkx.dll
2008-01-06 19:02:12 75840 --a------ C:\WINDOWS\system32\bvfmldsv.dll
2008-01-05 20:10:57 78912 --a------ C:\WINDOWS\system32\pjswjjqg.dll
2007-12-29 23:54:04 0 d-------- C:\Documents and Settings\LocalService\Desktop
2007-12-29 23:54:04 0 d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2007-12-29 23:54:00 0 d-------- C:\Documents and Settings\LocalService\Application Data\Yahoo!
2007-12-29 15:10:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Dell
2007-12-21 17:36:42 0 d-------- C:\Documents and Settings\Stephanie Rainey\Application Data\Template
2007-12-21 17:36:16 162 --a------ C:\Documents and Settings\Stephanie Rainey\Application Data\wklnhst.dat
2007-12-20 19:50:05 165472 -----n--- C:\WINDOWS\system32\kuflmasu.dll
2007-12-20 19:50:03 165472 --a------ C:\WINDOWS\system32\ebxlvmhl.dll
2007-12-20 19:27:10 0 d-------- C:\Program Files\Learn2.com
2007-12-20 19:27:10 0 d-------- C:\Program Files\InterActual
-- Find3M Report ---------------------------------------------------------------
2008-01-19 03:59:35 0 d-------- C:\Program Files\QdrPack
2008-01-19 02:17:36 0 d-------- C:\Program Files\Common Files
2008-01-19 01:52:35 211323 ---hs---- C:\WINDOWS\system32\bbeeg.bak2
2008-01-19 01:29:17 0 d-------- C:\Documents and Settings\Stephanie Rainey\Application Data\SiteAdvisor
2008-01-15 17:12:53 0 d-------- C:\Program Files\Temporary
2008-01-15 16:19:29 0 d-------- C:\Program Files\Yahoo!
2008-01-14 22:31:45 0 d-------- C:\Program Files\SwiftSwitch
2008-01-14 21:59:39 0 d-------- C:\Program Files\Dell
2008-01-14 21:57:43 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-14 15:14:42 0 d-------- C:\Program Files\QdrDrive
2008-01-14 15:14:33 0 d-------- C:\Documents and Settings\Stephanie Rainey\Application Data\Yahoo!
2008-01-11 20:48:48 567422 ---hs---- C:\WINDOWS\system32\bbeeg.bak1
2007-12-30 22:22:33 0 d-------- C:\Program Files\McAfee
2007-12-21 15:08:53 0 d-------- C:\Program Files\Common Files\McAfee
2007-12-20 19:27:13 0 d-------- C:\Program Files\Google
2007-12-20 19:26:40 0 d-------- C:\Program Files\Common Files\Intuit
2007-12-11 16:23:50 0 d-------- C:\Program Files\Microsoft Works
2007-12-09 21:33:33 0 d-------- C:\Documents and Settings\Stephanie Rainey\Application Data\Adobe
2007-12-07 20:25:39 0 d-------- C:\Program Files\?dobe
2007-12-02 18:22:17 0 d-------- C:\Program Files\SiteAdvisor
2007-12-02 18:12:34 0 d-------- C:\Program Files\McAfee.com
2007-11-30 06:40:23 0 d-------- C:\Program Files\InetGet2
2007-11-30 06:19:06 0 d-------- C:\Program Files\Insider
2007-11-26 00:45:24 0 d-------- C:\Program Files\WildTangent
2007-11-26 00:34:14 0 d-a------ C:\Program Files\FunWebProducts
2007-11-25 23:30:54 0 d-------- C:\Program Files\Common Files\?racle
2007-11-25 23:09:18 0 d-------- C:\Program Files\LimeWire
2007-11-25 18:24:55 0 d-------- C:\Program Files\Common Files\wrrf
2007-11-25 15:47:30 6510 ---hs--c- C:\WINDOWS\system32\wybeg.bak1
2007-11-24 12:20:35 7368 ---hs--c- C:\WINDOWS\system32\srqss.bak2
2007-11-24 01:50:02 6535 ---hs--c- C:\WINDOWS\system32\jmllm.bak1
2007-11-23 20:55:34 6495 ---hs--c- C:\WINDOWS\system32\srqss.bak1
2007-11-23 18:21:43 8446 ---hs--c- C:\WINDOWS\system32\jlnmp.bak2
2007-11-21 16:04:49 6470 ---hs--c- C:\WINDOWS\system32\jlnmp.bak1
2007-11-16 19:21:14 33425 --a------ C:\logfile
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2270c3ec-c345-4f05-ba7b-541f41a014ab}]
C:\WINDOWS\system32\kigymwnj.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
09/19/2007 06:15 AM 329032 --a------ c:\PROGRA~1\mcafee\msk\mcapbho.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{875A1348-7674-42aa-ADAC-B4F36A004A2D}]
C:\PROGRAM FILES\QDRDRIVE\QDRDRIVE8.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
12/20/2007 07:50 PM 165472 --------- C:\WINDOWS\system32\kuflmasu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [09/29/2005 03:01 PM]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [05/10/2006 12:12 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [09/22/2006 12:47 PM]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [12/19/2005 04:08 PM]
"SigmatelSysTrayApp"="stsystra.exe" [09/22/2006 12:06 PM C:\WINDOWS\stsystra.exe]
"EarthLink Installer"=" /C" []
"MAAgent"="C:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [06/02/2006 02:39 PM]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [10/25/2007 03:37 PM]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [10/25/2007 03:33 PM]
"MWLExe"="C:\Program Files\Mcafee\MWL\MWLGui.exe" [03/12/2007 11:40 AM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/03/2007 10:33 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 05:24 AM]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [01/16/2007 01:59 PM]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [01/08/2007 11:22 AM]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [08/23/2006 04:14 PM]
"Salestart"="C:\Program Files\Common Files\StorageProtector\strpmon.exe" [12/04/2007 02:49 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [08/28/2006 10:57 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 06:00 AM]
"Aim6"="" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [10/08/2007 04:08 PM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/27/2007 11:39 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 9:05:26 PM]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [5/3/2005 11:07:32 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\kuflmasu]
kuflmasu.dll 12/20/2007 07:50 PM 165472 C:\WINDOWS\system32\kuflmasu.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\geebb.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Insider]
C:\Program Files\Insider\Insider.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QdrModule9]
"C:\Program Files\QdrModule\QdrModule9.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QdrPack10]
"C:\Program Files\QdrPack\QdrPack10.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe
-- End of Deckard's System Scanner: finished at 2008-01-19 10:24:19 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Turion 64 Mobile Technology MK-36
Percentage of Memory in Use: 61%
Physical Memory (total/avail): 894.04 MiB / 345.32 MiB
Pagefile Memory (total/avail): 2165.8 MiB / 1609.89 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1915.34 MiB
C: is Fixed (NTFS) - 51.16 GiB total, 32.36 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - TOSHIBA MK6034GSX - 55.89 GiB - 3 partitions
\PARTITION0 - Unknown - 70.57 MiB
\PARTITION1 (bootable) - Installable File System - 51.16 GiB - C:
\PARTITION2 - Unknown - 4.64 GiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: Norton Internet Worm Protection v2006 (Symantec)
DisabledFW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.
Edited by thetr1p, 19 January 2008 - 09:32 AM.