OK, here is the ComboFix report and the HijackThis report...
The jddqapte dll error message is still there, plus it said something called Seekmo was still there...which was supposed to be deleted with the first run of all these spywares...it must have tentacles...LOL....Now when ComboFix came back on, it said not to run any programs, I didn't, but IncrediMail comes on by itself and so do McAfee and Spybot....do I need to turn them off then run ComboFix?...Thank you, Gaydria
ComboFix 08-02-13.2 - gaydria 2008-02-12 19:18:31.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.427 [GMT -8:00]
Running from: C:\Documents and Settings\gaydria\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\gaydria\Application Data\ShoppingReport
C:\Documents and Settings\gaydria\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\gaydria\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\gaydria\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\gaydria\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\gaydria\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\gaydria\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\gaydria\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
C:\WINDOWS\system32\sstwa.ini2
C:\WINDOWS\system32\ttstv.ini
C:\WINDOWS\system32\ttstv.ini2
.
((((((((((((((((((((((((( Files Created from 2008-01-13 to 2008-02-13 )))))))))))))))))))))))))))))))
.
2008-02-10 17:08 . 2008-02-11 16:17 15 --a------ C:\WINDOWS\popcinfo.dat
2008-02-10 09:52 . 2008-02-10 09:52 <DIR> d-------- C:\Program Files\ScarabShooter
2008-02-09 13:28 . 1999-12-17 10:13 86,016 --a------ C:\WINDOWS\unvise32.exe
2008-02-09 11:01 . 2008-02-09 11:01 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-09 00:36 . 2008-02-11 15:38 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\Wildfire
2008-02-09 00:36 . 2008-02-09 00:36 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-02-08 19:44 . 2008-02-10 09:51 <DIR> d-------- C:\My Games
2008-02-08 19:43 . 2008-02-08 19:56 <DIR> d-------- C:\My Download Files
2008-02-08 19:36 . 2008-02-08 19:36 <DIR> d-------- C:\Program Files\Real
2008-02-08 19:36 . 2008-02-08 19:36 774,144 --a------ C:\Program Files\RngInterstitial.dll
2008-02-08 19:35 . 2008-02-08 19:35 <DIR> d-------- C:\Program Files\Google
2008-02-08 19:35 . 2008-02-08 19:36 <DIR> d-------- C:\Program Files\Common Files\Real
2008-02-07 13:47 . 2008-02-07 13:59 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-02-07 13:47 . 2008-02-07 13:47 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-02-07 13:47 . 2008-02-07 13:47 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-02-07 13:47 . 2008-02-07 13:47 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-02-07 09:30 . 2008-02-07 09:30 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\Grisoft
2008-02-07 09:30 . 2008-02-07 09:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-07 09:30 . 2007-05-30 04:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-07 04:43 . 2008-02-07 04:43 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-06 20:39 . 2008-02-06 21:36 474 --ahs---- C:\WINDOWS\system32\ipbwiejt.ini
2008-02-06 16:12 . 2008-02-11 19:57 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-02-06 16:12 . 2008-02-06 16:12 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\SUPERAntiSpyware.com
2008-02-06 16:12 . 2008-02-06 16:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-06 16:11 . 2008-02-06 16:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-06 16:02 . 2008-02-06 20:29 414 --ahs---- C:\WINDOWS\system32\etpaqddj.ini
2008-02-06 12:51 . 2008-02-06 21:36 846 --a------ C:\WINDOWS\wininit.ini
2008-02-06 11:26 . 2008-02-06 11:26 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-06 11:26 . 2008-02-06 12:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-06 01:47 . 2008-02-06 01:47 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\Jasc
2008-02-06 00:16 . 2008-02-06 00:16 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\Alien Skin
2008-02-04 16:50 . 2008-02-04 16:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Corel
2008-02-04 13:11 . 2008-02-04 13:21 <DIR> d-------- C:\Program Files\RenGames
2008-02-03 23:46 . 2008-02-03 23:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Redfield
2008-02-03 23:32 . 2004-03-08 17:40 210,944 --a------ C:\WINDOWS\system32\MSVCRT10.DLX
2008-02-03 23:32 . 2004-03-08 17:40 210,944 --a------ C:\WINDOWS\system32\Msvcrt10.dll
2008-02-03 23:32 . 2004-03-08 17:40 57,344 --a------ C:\WINDOWS\system32\icmfilter.dll
2008-02-03 23:32 . 2004-03-08 17:40 32,768 --a------ C:\WINDOWS\system32\plugin.dll
2008-02-03 21:24 . 2008-02-03 21:30 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\ICQ
2008-02-03 21:23 . 2008-02-03 21:31 <DIR> d-------- C:\Program Files\ICQ6
2008-02-03 20:30 . 2008-02-03 20:30 <DIR> d-------- C:\Program Files\Font Xplorer
2008-02-03 20:08 . 2008-02-03 20:08 <DIR> d-------- C:\Program Files\Jasc Software Inc
2008-02-03 20:01 . 2008-02-03 20:03 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\Download Manager
2008-02-03 20:00 . 2008-02-03 20:00 1,056 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-02-03 19:55 . 2008-02-03 19:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-02-03 19:54 . 2008-02-05 12:27 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\Corel
2008-02-03 19:53 . 2008-02-04 16:44 <DIR> d-------- C:\Program Files\Corel
2008-02-03 19:53 . 2008-02-04 16:45 <DIR> d-------- C:\Program Files\Common Files\Corel
2008-02-03 19:29 . 2008-02-03 19:29 20 --ahs---- C:\ArcDeviceInfo
2008-02-03 18:40 . 2008-02-03 18:40 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-02-03 18:40 . 2008-02-03 18:40 <DIR> d-------- C:\WINDOWS\Profiles
2008-02-03 18:40 . 2008-02-03 18:40 <DIR> d-------- C:\Program Files\Common Files\ArcSoft
2008-02-03 18:40 . 2008-02-03 18:40 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-02-03 18:40 . 2008-02-06 06:29 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-02-03 18:40 . 2008-02-03 18:40 <DIR> d-------- C:\Program Files\Ahead
2008-02-03 18:40 . 2008-02-03 18:40 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\InterTrust
2008-02-03 18:40 . 2005-05-23 01:34 2,920,448 --------- C:\WINDOWS\UNSIPPS.exe
2008-02-03 18:40 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-02-03 18:40 . 2005-05-30 23:52 59,113 --------- C:\WINDOWS\UNSIPPS.cfg
2008-02-03 18:25 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2008-02-03 18:25 . 2004-08-03 22:58 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
2008-02-03 18:15 . 2008-02-03 18:15 <DIR> d-------- C:\WINDOWS\Options
2008-02-03 18:15 . 2008-02-03 18:15 <DIR> d-------- C:\Program Files\Philips
2008-02-03 18:15 . 2005-06-07 14:21 541,568 --a------ C:\WINDOWS\system32\drivers\phc700.sys
2008-02-03 18:15 . 2005-07-20 19:56 339,968 --a------ C:\WINDOWS\vphc700.exe
2008-02-03 18:15 . 2005-07-20 19:56 339,968 --a------ C:\WINDOWS\system32\vphc700.exe
2008-02-03 18:15 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-02-03 18:15 . 2005-05-19 18:57 81,920 --a------ C:\WINDOWS\system32\vphc700.dll
2008-02-03 18:15 . 2004-02-16 13:59 61,440 --a------ C:\WINDOWS\system32\cphc700.dll
2008-02-03 18:15 . 2004-09-30 16:08 36,864 --a------ C:\WINDOWS\system32\dphc700.ax
2008-02-03 18:15 . 2005-01-13 15:13 15,488 --a------ C:\WINDOWS\phc700.ini
2008-02-03 18:15 . 2004-02-27 17:36 13,023 --a------ C:\WINDOWS\phc700.src
2008-02-03 17:16 . 2008-02-03 17:16 <DIR> d-------- C:\Program Files\Qwest
2008-02-03 17:16 . 2008-02-03 17:16 <DIR> d-------- C:\Program Files\Common Files\supportsoft
2008-02-03 17:16 . 2008-02-03 17:16 <DIR> d-------- C:\Program Files\Actiontec
2008-02-03 17:16 . 2008-02-03 17:16 <DIR> d-------- C:\Program Files\2Wire
2008-02-03 17:16 . 2008-02-03 17:16 <DIR> d-------- C:\Documents and Settings\gaydria\Application Data\InstallShield
2008-02-03 17:16 . 2004-02-14 09:19 143,360 --a------ C:\WINDOWS\GTRemove.exe
2008-02-03 17:16 . 2007-05-30 08:16 68,672 --a------ C:\WINDOWS\system32\drivers\2WirePCP.sys
2008-02-03 17:14 . 2004-08-03 22:58 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-02-03 17:14 . 2004-08-03 22:58 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-01-15 09:03 . 2008-01-15 09:03 268 --ah----- C:\sqmdata19.sqm
2008-01-15 09:03 . 2008-01-15 09:03 244 --ah----- C:\sqmnoopt19.sqm
2008-01-14 23:30 . 2008-01-14 23:30 268 --ah----- C:\sqmdata18.sqm
2008-01-14 23:30 . 2008-01-14 23:30 244 --ah----- C:\sqmnoopt18.sqm
2008-01-13 22:56 . 2008-01-13 22:56 268 --ah----- C:\sqmdata17.sqm
2008-01-13 22:56 . 2008-01-13 22:56 244 --ah----- C:\sqmnoopt17.sqm
2008-01-13 12:58 . 2008-01-13 12:58 268 --ah----- C:\sqmdata16.sqm
2008-01-13 12:58 . 2008-01-13 12:58 244 --ah----- C:\sqmnoopt16.sqm
2008-01-13 06:34 . 2008-01-13 06:34 268 --ah----- C:\sqmdata15.sqm
2008-01-13 06:34 . 2008-01-13 06:34 244 --ah----- C:\sqmnoopt15.sqm
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-07 20:06 --------- d-----w C:\Program Files\DIGStream
2008-02-04 05:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-04 04:28 --------- d-----w C:\Documents and Settings\gaydria\Application Data\ArcSoft
2008-02-04 03:53 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 00:45 --------- d-----w C:\Program Files\McAfee
2008-01-08 04:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-12-27 20:35 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Intel
2007-12-27 20:21 --------- d-----w C:\Program Files\Connection Wizard
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D26A277-739D-47E2-8E5C-CC7264673BF1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{92CA88B2-B6B3-4E41-AFE1-8B74EF8EC992}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFADCA99-9D39-4DDB-81AE-2F5F529136D2}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 18:40 24576 C:\WINDOWS\MIDIDEF.EXE]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 03:00 15360]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 16:43 4670704]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-08 19:35 171448]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:54 5674352]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-09-20 14:17 208946]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 12:56 64512]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 10:55 667718]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 10:56 602182]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 16:30 282624 C:\WINDOWS\stsystra.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-21 19:03 7557120]
"nwiz"="nwiz.exe" [2006-03-21 19:03 1519616 C:\WINDOWS\system32\nwiz.exe]
"NVHotkey"="nvHotkey.dll" [2006-03-21 19:03 73728 C:\WINDOWS\system32\nvhotkey.dll]
"VoiceCenter"="C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" [2006-02-16 08:20 1118208]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 09:51 57344]
"MBMon"="CTMBHA.DLL" [2006-03-15 19:15 1355468 C:\WINDOWS\system32\CTMBHA.DLL]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00 90112]
"WD Button Manager"="WDBtnMgr.exe" [2007-10-02 10:05 364544 C:\WINDOWS\system32\WDBtnMgr.exe]
"phc700"="C:\WINDOWS\system32\vphc700.exe" [2005-07-20 19:56 339968]
"904b0aea"="C:\WINDOWS\system32\jddqapte.dll" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 01:25 6731312]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
TrayMin700.exe.lnk - C:\Program Files\Philips\SPC 700NC PC Camera\TrayMin700.exe [2008-02-03 18:15:17 278528]
WD Backup Monitor.lnk - C:\Program Files\My Book\WD Backup\uBBMonitor.exe [2007-10-02 10:06:15 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
S3 2WIREPCP;2Wire USB;C:\WINDOWS\system32\DRIVERS\2WirePCP.sys [2007-05-30 08:16]
S3 phc700;USB PC Camera (phc700);C:\WINDOWS\system32\DRIVERS\phc700.sys [2005-06-07 14:21]
.
Contents of the 'Scheduled Tasks' folder
"2007-10-02 05:15:54 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
"2007-10-02 05:15:52 C:\WINDOWS\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
"2008-02-13 02:02:35 C:\WINDOWS\Tasks\User_Feed_Synchronization-{8EF10825-617A-4BAD-94F3-B4DA549CDF14}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-02-12 19:24:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\gaydria\LOCALS~1\Temp\clclean.0001
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\stacsv.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2008-02-12 19:28:37 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-13 03:28:34
.
2008-02-13 02:54:55 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:32:20 PM, on 2/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\WINDOWS\system32\vphc700.exe
C:\DOCUME~1\gaydria\LOCALS~1\Temp\clclean.0001
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\ctfmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\stacsv.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Philips\SPC 700NC PC Camera\TrayMin700.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\explorer.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\emproxy\emtray.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://espn.go.com/motion/detect.html
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0D26A277-739D-47E2-8E5C-CC7264673BF1} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {92CA88B2-B6B3-4E41-AFE1-8B74EF8EC992} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {FFADCA99-9D39-4DDB-81AE-2F5F529136D2} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [phc700] C:\WINDOWS\system32\vphc700.exe
O4 - HKLM\..\Run: [904b0aea] rundll32.exe "C:\WINDOWS\system32\jddqapte.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.370.0\SeekmoSA.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - Global Startup: TrayMin700.exe.lnk = C:\Program Files\Philips\SPC 700NC PC Camera\TrayMin700.exe
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DLM Control) - http://dlm.tools.aka...vex-2.2.3.4.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\stacsv.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 11227 bytes