ccastle86
2008-02-21, 04:15
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\BellSouthWCC\McciTrayApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Documents and Settings\Owner\My Documents\HiJackThis_v2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wscntfy.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RemoteControl = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
readericon = C:\Program Files\Digital Media Reader\readericon45G.exe
RTHDCPL = RTHDCPL.EXE
Alcmtr = ALCMTR.EXE
VSOCheckTask = "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
OASClnt = C:\Program Files\McAfee.com\VSO\oasclnt.exe
MCAgentExe = c:\PROGRA~1\mcafee.com\agent\mcagent.exe
MCUpdateExe = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
MSKAGENTEXE = C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
MSKDetectorExe = C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
VirusScan Online = C:\Program Files\McAfee.com\VSO\mcvsshld.exe
MPFExe = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
BellSouthWCC_McciTrayApp = C:\Program Files\BellSouthWCC\McciTrayApp.exe
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
tgcmd = "C:\Program Files\Support.com\BellSouth\hcenter.exe" /starthidden /tgcmdwrapper
08f37a09 = rundll32.exe "C:\WINDOWS\system32\uoupahgm.dll",b
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
osCheck = "C:\Program Files\Norton AntiVirus\osCheck.exe"
isCfgWiz = "C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe" -G:{77CCBE0B-A541-49a9-883E-14F8337EC861} -T:Config -REBOOT
BM0bc04995 = Rundll32.exe "C:\WINDOWS\system32\yvrfylmq.dll",s
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - c:\program files\mcafee\spamkiller\mcapfbho.dll - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000}
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll - {6D53EC84-6AAE-4787-AEEE-F4628F01010C}
(no name) - C:\WINDOWS\system32\gebyx.dll - {94E0F5B4-2E8D-4A0E-B4F0-28362C2A0861}
(no name) - C:\WINDOWS\system32\awtspml.dll - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6}
{2e376218-c5a7-a218-9e04-b94502c8609f} - C:\WINDOWS\system32\alsvpqgm.dll - {f9068c20-549b-40e9-812a-7a5c812673e2}
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\BellSouthWCC\McciTrayApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Documents and Settings\Owner\My Documents\HiJackThis_v2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wscntfy.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
RemoteControl = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
readericon = C:\Program Files\Digital Media Reader\readericon45G.exe
RTHDCPL = RTHDCPL.EXE
Alcmtr = ALCMTR.EXE
VSOCheckTask = "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
OASClnt = C:\Program Files\McAfee.com\VSO\oasclnt.exe
MCAgentExe = c:\PROGRA~1\mcafee.com\agent\mcagent.exe
MCUpdateExe = c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
MSKAGENTEXE = C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
MSKDetectorExe = C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
VirusScan Online = C:\Program Files\McAfee.com\VSO\mcvsshld.exe
MPFExe = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
BellSouthWCC_McciTrayApp = C:\Program Files\BellSouthWCC\McciTrayApp.exe
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
tgcmd = "C:\Program Files\Support.com\BellSouth\hcenter.exe" /starthidden /tgcmdwrapper
08f37a09 = rundll32.exe "C:\WINDOWS\system32\uoupahgm.dll",b
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
osCheck = "C:\Program Files\Norton AntiVirus\osCheck.exe"
isCfgWiz = "C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe" -G:{77CCBE0B-A541-49a9-883E-14F8337EC861} -T:Config -REBOOT
BM0bc04995 = Rundll32.exe "C:\WINDOWS\system32\yvrfylmq.dll",s
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - c:\program files\mcafee\spamkiller\mcapfbho.dll - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000}
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll - {6D53EC84-6AAE-4787-AEEE-F4628F01010C}
(no name) - C:\WINDOWS\system32\gebyx.dll - {94E0F5B4-2E8D-4A0E-B4F0-28362C2A0861}
(no name) - C:\WINDOWS\system32\awtspml.dll - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6}
{2e376218-c5a7-a218-9e04-b94502c8609f} - C:\WINDOWS\system32\alsvpqgm.dll - {f9068c20-549b-40e9-812a-7a5c812673e2}
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll