PDA

View Full Version : Antivirus XP 2008


heartransp
2008-08-17, 07:24
I got the Antivirus XP 2008 parasite. I searched the web for fixes and one site said download and run Spybot. I did but I must have made a mistake because now I cannot run "restore" and I have lost my internet connection. I have downloaded and ran a scan with HJT.

Also when I start my system up I get these error messages;

The application or DLL C:\WINDOWS\system32\msi.dll is not a valid Windows image.

Runtime error 462: The remote server machine does not exist or is unavailable.

I can no longet acess Sypbot although it says it is there.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:01:31 AM, on 8/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\SYSTEM32\Brmfrmps.exe
C:\CFusionMX7\runtime\bin\jrunsvc.exe
C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe
C:\CFusionMX7\runtime\bin\jrun.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\brss01a.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\system32\HpSrvUI.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Speeditup Free\SpeedItUp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\spywarebegone\SpywareBeGone.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe

R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://s-redirect.com/?a=2&b=hc
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {147C3292-7021-4B27-B281-417C070ED4F0} - (no file)
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: (no name) - {C4AE573B-8CDB-43F2-892B-3EC2D34C4E6C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [LexStart] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Owner\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\Speeditup Free\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [StartPage] C:\WINDOWS\rundll32.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Spyware Begone] "C:\spywarebegone\SpywareBeGone.exe" -FastScan
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [cdloader] "C:\Documents and Settings\Owner\Application Data\mjusbsp\cdloader2.exe" MAGICJACK (User '?')
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [SpeedItUpEX] C:\Program Files\Speeditup Free\SpeedItUp.exe -MINI (User '?')
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [StartPage] C:\WINDOWS\rundll32.exe (User '?')
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User '?')
O4 - HKUS\S-1-5-21-2014835873-2436313513-572454927-1003\..\Run: [Spyware Begone] "C:\spywarebegone\SpywareBeGone.exe" -FastScan (User '?')
O4 - S-1-5-18 Startup: AutoPlay.exe (User '?')
O4 - .DEFAULT Startup: AutoPlay.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = ?
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSman000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: ComcastHSI - {0318B686-8DDB-466A-AD2C-3960F2D0E7DA} - http://www.comcast.net (file missing) (HKCU)
O9 - Extra button: Support - {08ABD399-6788-403D-9A38-C75DDFD52C93} - http://www.comcastsupport.com (file missing) (HKCU)
O9 - Extra button: Help - {C9D35F78-7C4D-4296-9552-6FB8E398F406} - http://www.comcast.net/memberservices/ (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: {001F2C48-0B32-0FF5-093A-5C8145EE96ED} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {007E4071-FD38-540E-1119-769769DFBAB1} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {00943FD9-0E84-48D5-ABFB-29043C59819E} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {01326193-E713-6C3C-723B-4BEE1FCEDE51} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {0232CB3C-CCDA-4E7A-E243-11AB2F3AEAB1} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {02B45477-BDA1-6020-0CB4-5C3F60B9B9D5} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {03218AEF-456E-051A-093F-4425242D8324} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {032689E3-3F7F-32A3-22F7-53C2511E0231} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {03632C92-89D1-58D8-076B-5E6F2F963E74} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {03DA1D78-B82D-6DAA-E4E2-34C37551A408} - http://63.219.178.91/1/rdgUS1007.exe
O16 - DPF: {044C84A5-A7F5-159E-3537-3E3E7A5BD2D3} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {0574C649-8407-6ED6-4B3C-09406BACC70C} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {05C682E5-3D09-0D6E-1EAF-44E041AB7FC7} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {05D7E320-27F6-0E70-EDE0-07E66E865090} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {063AACF9-1D50-3C12-24BB-127F0E502BCE} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {0676179C-CC6F-145B-E480-75DD1D779262} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {07FB912E-183B-0EAC-794C-7D5149517641} - http://66.117.42.151/1/gdnUS19.exe
O16 - DPF: {080E2A0E-D638-05A9-FA80-1C5C062CFE2F} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {08490981-78C2-7D6F-7FE6-0DF1320B5957} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {08DC782B-B72D-0F13-B832-1F2F295787FA} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {092CC716-3E5E-0268-8C05-243A44A9B3A9} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {09601D2B-A285-0476-D1D2-7B066E2E04B3} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {096046C4-B721-69B6-5B51-0AE667262B9E} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {097F69BD-6062-2052-25C5-7C45638B155F} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {0B11CAA6-4283-7EE4-7AED-4EE81939BA9D} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {0B50762B-FE86-15CD-370D-229D61ADC3F8} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0B9CF01B-A902-2D25-A4E4-2DF24346F728} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0BDC1AA4-FD18-07E9-96FC-3ECC208708C5} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0C09A923-B3B0-288B-9E96-6BA4527F9F0E} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {0C56F43D-738E-0830-F3FF-69A253BB1076} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0C7D4590-846C-1269-6876-2CB457383950} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0C8FCD41-6B2B-5D9D-FCA1-7A3429413D59} - http://63.219.178.91/1/gdnUS1007.exe
O16 - DPF: {0D56BA8D-C53C-599E-8890-26A15C2B04AF} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0D78B6C5-1EE2-48D7-DAC9-28AC6829806F} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0DEF70E2-E106-26E2-0B74-4A2A42A20120} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {0E438524-28B0-2371-0D9A-6E4B0127CB06} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {0E751E5C-56AE-36B0-A001-498D29E57C35} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0E95C872-09C6-6360-E120-44026792FF13} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {0FCE4151-5543-1B64-0565-766866ED5A94} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {10622428-7FBE-779F-D814-26407E36C280} - http://63.219.178.91/1/rdgUS1007.exe
O16 - DPF: {10976ADA-AFBC-3BBC-8083-22737BB9C2AD} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {120A2FF7-9DEC-0650-C6FC-161707764EE9} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {120B8D24-5C2E-70F1-4DDB-4FBB6CA7A75E} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {12299BA7-F098-7BC4-36A8-708F583517F9} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1255A309-2B6E-557C-674C-1C6641618C96} - http://66.117.42.151/1/gdnUS243.exe
O16 - DPF: {1288D34E-CC86-4B59-958E-773859C0AB44} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {12EE183E-E952-64D6-72E1-14CB6B2FB2F3} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1310750E-AA6D-70E4-EC70-059C4F104FE7} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {13CEDDF0-E0EA-7F81-2720-2160790227E9} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {13E64698-2547-41D2-08AC-13CB1D54BA94} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {140BEA8F-B9A5-2BEA-A9F7-138E2418B331} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {145AA9A4-B0D0-00B4-C297-66EA181F6ECE} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} -
O16 - DPF: {15A2A7A3-9F3B-6907-DFDD-16275B399F1D} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {16003D0C-2DF8-6712-60D7-415265D7EB02} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {164BC6C1-80E4-4FED-BF6E-3AEE1016F9C1} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {169B3AB9-ED1C-72F3-F8F8-433C439CB4F6} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {169C6843-5210-4501-DACB-7E8C4893768D} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1745FD24-5047-3FCF-85CB-69C334B85893} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1809099D-4BD7-2840-4111-0CEF73442CBD} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {18A56777-744F-2EBB-6A9C-22FE37EB36E7} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {18D03946-415B-24ED-5512-2D277F9D105E} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1A040CE7-9408-7294-0DA6-616943CAE67A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1A0E98B9-57C5-2B3F-739A-3E59218EB347} - http://66.117.42.151/1/gdnUS243.exe
O16 - DPF: {1A136DC1-F0BC-2DD3-3F49-16B816B03037} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1ADEAAE7-0986-6BAA-50FF-23853921B6B6} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1AF749C2-9D4D-164F-D22E-548B05FA0C32} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1B37D8ED-E773-414B-62F8-287430C98105} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1B783D4C-7706-7D46-E84F-4D1F678255CA} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1B914A05-64BC-31A4-D0E4-593B175B9F78} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1CE25977-8F0D-726D-3116-13FE031D1C10} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1CE8D2B6-4785-5488-9417-4A7515FC1BA2} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1D11085D-B75A-7F59-D6D2-3FC15CA398F1} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1D66E58E-1B82-4F3D-435E-35FF73348E02} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1DB1A99A-FE07-72B2-6162-6F2117C8A103} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1E266DED-ED82-277F-9E34-042A7019103D} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1E6169A5-9FA9-63DC-69C1-438C6FAF2CF5} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1E8555DD-AC73-68D0-B571-1D0766FA90CC} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1E956AB4-7699-56C0-A4DD-7420035F2467} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1EEBE599-5E0E-5D5B-9304-4E4B3D45C159} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {1F25EA8F-DA82-1D3D-428A-1B395EABD978} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1F5604B5-EEBD-4C94-DFDA-5B6E39293919} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {1FD683B5-DE60-3213-AB62-5383314F5B8D} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {20121843-1C26-387B-F0E6-058845346ECF} - http://63.219.178.91/1/rdgUS1007.exe
O16 - DPF: {207CD221-631A-550F-25B2-1B27569D9CC4} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {20ACB1F2-0716-1C20-F0D3-0B5E19410173} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {20B821C6-6617-7125-5A1C-0AE71B50245C} - http://67.19.99.158/1/rdgUS871.exe
O16 - DPF: {2105AFC1-DA15-532A-8F74-652023D9739A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {213CC2CF-7B9E-72D6-359B-1ACA5A18F545} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {21A1A234-9576-0DED-E85B-5A536421E4D0} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {223A6E71-B523-238E-3BE2-506C17665A24} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {228840BB-D178-3581-628D-7C00612936AB} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {22C0FBC3-667A-44D4-97BD-0E2C33E9E25E} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {22FBDE88-0472-48B1-8A72-2B617416816D} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {2304F0E9-25BE-3F40-27DA-700554F3BE25} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {23055AE3-B4D8-3642-3363-4E27176C16CB} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {230D274D-9906-6B50-4741-238073149A8F} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {232DF5E6-F85A-3628-5BBD-6C3E6822DB73} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2362AE80-75C6-1965-D7E2-58F750D862A9} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {2390821E-C379-48B5-B975-191B5B69C266} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {239F915E-8F59-06B5-E237-096C51BBF5E3} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {23C11673-3C5B-5F34-951A-37283804CE3A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {23D1C2E8-3352-377D-6D6E-051C7D89600E} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {23DBBEF5-7CF1-195D-3214-245F3C097386} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {242B0EA4-E5BF-3442-C381-609B5CFDF881} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {245AEAD6-1EFC-7E74-E34D-40B94E94A6C7} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {24AB02C0-2BA6-7374-B86E-6EC4178556D0} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {24AC33B2-C5BC-2C97-551D-65922BF79DCF} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {24FAD53D-1B0D-4680-1121-6F9B7E036FC9} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2562A856-5D06-041A-2B17-3CF837F189B7} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {25BF76DA-AF2A-1585-8436-66B267485185} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {26862DE8-09EF-6204-4322-6BA3307C6BE6} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2698136F-9A15-0730-0E0B-638917E9D51E} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {26B208BB-96E0-3F1A-2DA1-251E4E05C60C} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {27CB21EA-6C4D-0834-B576-7C9102ECC425} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {28B0B7CC-595A-658B-50E3-61C3248895B2} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {28CB2DED-3A28-2279-55C9-38B603C42014} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {29D914C1-29F6-1BCF-C01F-0C325CD6F250} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {29EED5E9-1B7E-18EB-8741-6C352AAFBC2E} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2A4FA2B1-2324-2D04-9A5F-15D03C5BBA13} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {2B055C9A-0CF7-0C8F-0A1B-009C2D2BB670} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2BD5361B-35B7-0E6E-49A7-35656D4DCCAD} - http://63.219.178.91/1/rdgUS1007.exe
O16 - DPF: {2C677651-89A4-7670-2523-558D6AEAE4DC} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {2CC0C4F8-E798-517B-B3F0-299441BDF0FB} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {2CC974CC-C5EE-2177-E23E-24425CB75393} - http://66.117.42.151/1/rdgUS19.exe
O16 - DPF: {2DF8C285-E41D-21A3-0D7A-787C43EAE2AC} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2E4A3798-EE85-0789-8B2E-255B104E6EF0} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2EA5C273-7BDF-123A-31B9-0B9A72344F52} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2EB1FA90-BD16-39B6-EA87-72A55A1F37F4} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2F09CF91-7C58-41EC-4149-16442B744D14} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2F820DC7-6D65-407A-0E2F-59E3163B8548} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {2FF83362-CD56-1E12-C1D8-372B79AFD8DD} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {30336E70-3D2C-6712-5777-1FAC014F3E81} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3052EC81-734A-0C07-45B9-2B0A581FF679} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3098CE23-D061-1824-B4C8-41C3050B7776} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {30E46613-D270-4F03-51E3-6173728EA5C7} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {30FC077B-EA89-6386-BEB6-4E8B3E9F836C} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3188826B-AB68-3FEC-6AAF-0CE322C47389} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {31A763CC-FD03-4E93-C61E-7267030853F4} - http://63.219.178.91/1/gdnUS1007.exe
O16 - DPF: {31CCB863-83DB-04D7-D73B-6D8B68FEF4D9} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3257C863-5B78-7904-5053-243009CB37AB} - http://63.219.178.91/1/gdnUS1007.exe
O16 - DPF: {325E4F6B-C96C-17E1-5A02-48ED184E66C8} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3399ECCE-A305-304E-B333-0F7822ECA3AF} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {33A84537-0BF8-7A6C-398B-7F537D121D07} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3478BC70-22B9-4C66-E533-1892269162C2} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3488B377-3691-1EEE-01A4-33BF12449665} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {34916862-A4BE-3191-F357-58194C91A3DE} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {34BE5C85-17E3-077D-9063-70963CF8160C} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {34C03262-815C-3102-E4FE-47AA38B5EE34} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {361C2D30-C9FA-5C21-7FBD-4CFD06122C87} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3683FF3B-C3B0-2870-2841-6F8B40468D9F} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {37262C3D-5122-1208-A0D6-45D86EFB3122} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {374BA7B4-0667-7D50-7239-3F21480ED5AD} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3780D141-C6EB-345D-7083-51CD6F686BB6} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {37918403-2EC4-7144-0E10-4C4F1457128A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {39C9B22E-DE68-00BE-803B-60412A2D26FB} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3A129B33-BE97-70BB-768D-52A726956888} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3A3D04F7-9DDE-5B4E-3676-3CE72E2551D6} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3A5E53F4-405D-5764-9343-05941C8F2A74} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3A816AE3-868B-4313-F761-475C5BDBCEA6} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3AB666A5-9330-6777-EBAC-4F4E727ED5AA} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3AC0B631-94F7-1AE6-B4A7-062535288115} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3AC31E66-2779-1557-4B0B-236F1D671A8C} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3BEAFD12-09D1-709D-BFE2-0EB16F83A1C2} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3C45DCC4-B114-20E6-383C-16ED1CCF3AB7} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3CB87552-58D0-1B7F-359B-4DAA703F0ECE} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3DAE5364-66F4-6594-01B7-573C4B552250} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3DBE2516-7E19-06B0-91D2-3F741D204567} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3DF8ACC8-555D-000E-8BEA-1F012B63D76F} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3E0D09FF-03B6-4BA2-91D1-51E9045658AB} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3E1A85B3-458F-5F05-B063-6A4F478FC3AE} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3E6CC979-E5C9-205C-E0D4-22F53BF6BA59} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {3E8E457C-30C1-12E2-3A2E-704912081545} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3F620DAC-E82F-656F-D427-20CD3973A8DB} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {3FFED054-BC8F-1754-F22A-238F395A3DEF} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {402D067A-2703-7B62-C3FA-714C7EE1B291} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {403728A0-244B-0BFA-B10A-721B186FB277} - http://66.117.42.151/1/gdnUS243.exe
O16 - DPF: {408F1E99-DDB5-7DCA-C199-418D32A38D98} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {41103D09-947C-6C2C-292A-715A5FF4B345} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {413311B4-5328-61E1-4A91-1F4F1855F704} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {418D9543-BD2B-33A0-A828-4110484AE845} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {420CBD64-4738-282B-4D20-35E865F7928C} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {423141D7-0DC3-5BFD-2917-0746029C6772} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {42CFC007-E6F7-650B-59AA-28796E935DD6} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4313707A-E10D-336D-C3D8-038069B020F1} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {43A577FB-1BBB-55AB-C123-6CA615767809} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {44264E9E-CB87-58BF-D2A9-16144B89D6E1} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {44423B79-DE66-28C3-BE4B-1CD47E05C60A} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4481AF52-893F-3996-0B4C-1BC467D75093} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {448C126F-0F28-6D99-FCF9-5C9C074A491D} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4520FEF3-976C-6C0E-D9F5-78AD25A77710} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {45A8D159-A723-497B-9F28-78955A9861E9} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {45B4155F-6BCE-4DFA-92A1-5E5C4A4FC1D1} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {46B82F75-FF8A-0C85-6381-09B3709FBF41} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {46F339E6-B63F-41C0-B5A2-4B211D9B4837} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {472CD1F1-4994-4EB4-07E3-34684462906A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {47658C1A-0525-6206-A74D-07700BA5BC88} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {477AA95F-E5FF-3BED-C160-487810269053} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {477B0DF9-3DD4-194D-1FDD-64CC5E29FF81} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {48224FE4-820E-6027-2A24-7374541A94C8} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4864BA0E-70D7-6BD1-2EFE-5BA64BC48AD6} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {48A7ED54-446B-651F-2A8F-02751840678B} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {48CEFF1B-EA9C-523C-479C-4D6C6F8111C9} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {48F93236-7F14-41F5-4882-0A923FFA47F0} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {49562DE4-C869-64A6-ECB0-7D894BF517EF} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4A692793-EFE1-2009-0A3C-7D1D1D12AC13} - http://63.219.178.91/1/rdgUS1007.exe
O16 - DPF: {4AB54B3F-0F1F-5838-2495-4F01630202AD} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4ABE57BA-E137-2534-A5C1-757C1A8F0405} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4BF5B9D4-94E4-58B5-63FA-383837CB6DA5} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4C1CA3E0-6E88-0114-6266-1200180D0246} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4C5838E0-7AE4-7C10-4DEB-66E922C55BE2} - http://63.219.178.91/1/rdgUS1007.exe
O16 - DPF: {4CB41B08-EF6B-74CF-AF37-31FB2EAF8EEA} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4CB87FB5-8E1F-76F1-1157-15535B0F097B} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4D03F55E-CD16-4673-F550-58567EF475AF} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4D2EDC82-4A98-3478-B896-7A7C6F29D278} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4D405F35-0309-6D49-CBC2-1AEF7B5ACFE1} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4D863EB9-BBD1-2E1E-EA4F-1F0E6FE6C0A1} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4DA1BA11-D82D-2F49-CEF9-042C670649E0} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {4DE169F2-9944-6CE6-7D0C-22917EA30C23} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4E7E1618-4640-2326-AC60-30C905A18D37} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4EBC04B3-111B-6FB4-BAF2-1C336FEB0088} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {4F606A9E-0C08-52B0-F906-626237F16A64} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {4FD63E8D-7893-14E7-9E58-67772925F2AC} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {5012AC46-3779-0EF3-BAE4-70BE209827B3} - http://66.117.42.151/1/rdgUS243.exe
O16 - DPF: {5015E218-6A07-7391-6294-70B63A39B22F} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {50FE6B5C-6237-322A-D5CF-4EDC3443781E} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5106E0B9-D240-1997-2DEE-35D81B3F7941} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {52649B60-2181-6063-3D72-4CF81866318A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {52953DD1-6DE9-7B55-6D14-24E24BFD40A2} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {52A890F9-352C-5EC1-C71A-1FDD7D20CB7F} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {52DE6B4A-B1BD-63C3-8AE4-5FA052C05B3A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5414ABC4-31C2-742A-C598-7FBD5F155CDE} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5450E552-E1F7-5B3B-6474-445847B63FF1} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {5488225A-198D-650E-2A4F-14BD7EB11F71} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {54BF524A-821A-4539-6121-6BDC49B1CB8D} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {54ECF403-0EA3-5F65-E64C-187D6B2C1915} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {54EF01E3-8066-34C0-040F-2929301D091F} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {55BD2D7F-AA9F-1031-29DC-52ED1D3FF3D7} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {56969353-53C7-2102-C22C-733B79BC544E} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {56B7B8C1-7435-246B-9212-0C166D726470} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {56C5F496-6E12-0FA4-6733-69153096557B} - http://63.219.178.91/1/gdnUS1007.exe
O16 - DPF: {5726F123-2152-7219-C8BF-07E755961D50} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {57A00B0F-8703-3EE1-C883-7B3D20EC04B5} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {57DCE2D2-E289-1B5B-4147-3CF575BEFCBD} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {57DEDCB4-BC7E-4199-48C0-1407487029E3} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {57EAEDD0-5544-11C5-4BC3-2E1F7ACD4E17} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {58B2FCEE-EF9E-062C-B168-631472A0959E} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {58CB67FF-69FD-02D1-D54D-0C102AFA093D} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {591E23EB-3B2C-22D5-E424-050779F40FE1} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {592E70CA-48E3-5F70-5C04-5EFC772E56FD} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {594CF03D-0ACE-075C-250D-3E771175AA8B} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5A44319B-9ABA-7C6D-EFBE-70D363AF3529} - http://63.219.178.91/1/gdnUS1007.exe
O16 - DPF: {5A80E9CD-C85E-2106-A246-53F23582E027} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5AD659A9-31BC-6C4F-B197-4ADC4D3EB810} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {5BA538EA-2BAB-6865-3FBF-48E658A384A7} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {5BD83E99-D5C5-4C91-982C-716A7BF0F439} - http://66.117.42.151/1/gdnUS19.exe
O16 - DPF: {5C206AD0-2FE3-0BD9-D725-20553995AD00} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5C3B8FAE-A51D-75F2-C41D-4E986285BB55} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5CB1D99E-AC9C-1749-3762-32AD51012849} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5CCFEC0B-772F-560D-4B68-7D7456F355E8} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5D36E7C7-96E3-2105-6CE6-11715E432155} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5D6D3658-0EEB-2C57-F0DF-50973CABE1EB} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {5E425D6A-8E97-6AA7-1B25-2E0D4ED8F472} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {5FDEA53A-C9AD-1974-030F-502B77851B4A} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {60122E11-86F7-7C54-0DEA-1BC672DBC95A} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6064190A-3A45-58A8-BA47-06FD0856B4D0} - http://66.117.42.151/1/gdnUS243.exe
O16 - DPF: {60C65347-C58B-2524-76C2-15FE0F314905} - http://63.219.178.91/1/rdgUS1007.exe
O16 - DPF: {6105B688-8976-4916-EA35-74053EB04C91} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {619D8CBC-C454-7474-E753-0DCB3C18D621} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {61BC2256-CA4F-347F-BFB2-4F233074E96F} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {61D8B077-6AFD-2B13-410A-69AF7642A8B4} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {61E40480-F028-5160-1C28-6E116891424A} - http://63.219.178.91/1/gdnUS1007.exe
O16 - DPF: {62088D17-0D7C-0A4E-2B26-2E3269AED310} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {62560B74-947D-473B-55CA-4E232EA96FF8} - http://63.219.178.91/1/rdgUS1007.exe
O16 - DPF: {626B9FB4-4FFE-7870-09DF-5203522F0B3D} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {62EBAA06-E84F-39E0-2F32-0B381F14A48E} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6409BCE4-2F8F-5FCD-8DD5-3B86178D7EFE} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {641C4D86-5EE2-479F-0D17-2E2A457513CA} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {648A4592-C525-37BE-DFED-4C2C5801D3EE} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {64B7E4B4-B6F8-6154-774F-628962F3CA95} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {64C47C74-4A40-042A-1F86-64EE41DE7481} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {650D7D8C-8F16-308E-582A-7B1E69EA0B98} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {65B3B348-CDC9-7BE4-B636-794464360D78} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {661642FC-0444-7BA2-C0A6-69DE151F51CF} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {663C8FEF-1EF9-11CF-A3DB-080036F12502} - ms-its:mhtml:file://c:\nosuch.mht!http://67.18.129.78/b/bd/1/x.chm::/load.exe
O16 - DPF: {665FA5DB-2859-2E5A-80A8-68CF755482B9} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {66A05FE3-00CA-5A62-886A-36EB44E7A7F1} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {66B73C5F-6FF9-6AD6-A502-71C14FE6B24E} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {66F9A537-7206-6CBF-AD2E-744026064E27} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {673CFFC2-B4F8-0BC6-F060-26507451A97B} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6759601B-6622-0DDF-F023-5A953E523142} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {679B31EC-7EBF-2F2E-8A5F-63F65BB150C2} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {681BE168-A06F-76DA-14D3-53B171E78375} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {68EA1C36-3AB5-54A3-E36A-41485DABAE7D} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6926066A-5588-5BA5-596B-4D8F00847A3C} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {697B58F7-9E83-60D5-08A8-298760B058CA} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6A3E375D-16CE-0685-4364-1222738037A0} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6A518EE6-644C-7AD1-A96B-62DA254D5080} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6A53A8CC-76F5-3FED-6F12-1706741E8160} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6A612EFA-284F-6E1B-50CF-3E9F5380723C} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6AA0201C-0467-1A92-AEE8-5F6065E6EAA4} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6AB88577-E79A-3E12-F413-41D32AA94A06} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6AE96699-015A-5FE5-9074-53156299D2DD} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6B98E6E1-1E40-6DA7-07F1-59E73D9B2CC2} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6B9CC91D-2640-60E3-1F27-0BDD75E25011} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6C327064-8F30-49F5-CE3B-777346637C05} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6D4E643D-FA8D-5D83-AD49-7D5C1460CE42} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6D726477-8161-7A8A-B54F-3E6A522C1276} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6E67B763-FA5D-5EE6-F990-01F21574DE3A} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6EEF2FA9-B23A-493A-863C-62AD74CD2F48} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6F07030B-F076-74DB-B8B7-587400243F21} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6F0F818E-7AEF-4586-5759-27D23C5DDA41} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6F152017-56C4-055F-E05F-27D068D0D84A} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6F371BC0-1CA5-218E-283A-5E6C7A189C32} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {6FAC792D-AF17-4589-0A3B-6F693E331CF2} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {6FF0ABD7-4609-0D0A-3BAE-059338226263} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {70091EA2-AC3B-3EE3-BC82-73A92442C05E} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {71687C91-8331-6375-6102-4D0313968A2D} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {717AF11D-35A1-2233-0412-4E2D682FC14B} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {71FEACCA-DF4A-71EB-813D-29EC6572E188} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {72D78936-82E0-5C66-76B9-217609D82E9B} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {730F5EF8-DA3B-69A9-0519-311574244AB5} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7353F9C1-ADF4-1A7A-53E7-4D1B2B72B894} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {73A617F7-B99B-5C3D-C540-6136171D8842} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {73ABBEAD-EDB3-1662-9E84-7A3A2B1A2D41} - http://67.19.99.158/1/gdnUS871.exe
O16 - DPF: {73BAAA10-71BA-78C5-9EBD-0F991F27109A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {73E40747-1122-0395-0CF7-52801E30421F} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {73E64B0C-7ACF-7E66-BAC6-72DC4EF89A2C} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7484ED75-D270-2177-2AD9-648600E340AD} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7509E15B-73C3-3A0F-7617-10F01688A073} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {756002F1-A003-6C3E-EA98-2E8E0048206C} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {75925E74-A766-76A3-6BD5-586C5D617AFB} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {75B234E0-E58A-5B9F-BBDE-0FDB604C01BB} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {75BDB6D9-C704-48B0-4BC8-45A832B820EE} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {75EB9125-B4E0-1813-5070-6DCB0D747949} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {76856291-C489-54E9-2B78-382A28FD26CA} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {76E945CA-0E67-573C-107C-7CB445D68FE3} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7752AED9-F09C-44E6-BC53-06FA5B97538D} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {780FFBB1-B617-25B4-023F-2B8C688F6D7A} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7881D6E1-CA31-7974-5F95-6E0D296E3A4C} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7894668B-7DC2-6BB8-98A5-73415219D2CD} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {78A11249-CE74-3E2B-F1CA-2E8B5DB95993} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {78A891C8-4A99-4CF5-64C2-27DD22B9F9F8} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {795E6A59-AA5D-67A2-4DDD-6B3C7A3E1026} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7995C286-3378-6E6B-E46E-4A362E9B05A3} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7A0224AB-9DE5-6AA7-4097-3A423166EC20} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7A8013D6-A503-7EB0-51A5-6BF23532C685} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7B1BF8D6-7DC9-4CAB-10B5-67ED3D580EF1} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7BD5C872-D2F2-67BE-2D20-3D1B57230653} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7C2DBF00-7774-7AFD-D785-091677C4113A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7D284B75-82F3-7424-DAF3-5779686FF9C9} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7D8CB0FE-5BF0-35E1-AAEC-3F590950EBA7} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7DC586BB-D2A8-100A-6E8E-758B5372FB55} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7DE815E5-2C32-0D11-44EF-689003BA7354} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7E45C7DF-15CA-3F65-C7B8-607211272913} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7E496CAB-7870-15E9-A107-4D6D761AAA3D} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7E803FA5-629D-15F3-C8EE-12265C701264} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {7E99770E-9B29-08FC-E483-229F0A0B6B19} - http://66.117.42.151/1/rdgUS20.exe
O16 - DPF: {7F1604DE-49AD-346C-A9B5-52E61BDF656A} - http://66.117.42.151/1/gdnUS20.exe
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc3.webresponse.one.microsoft.com/media/xp/TLIEFlash.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://freetrial.webex.com/client/T26L/webex/ieatgpc.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: BVuRIWvCWgrV - {20DFE57F-8A75-4FD5-66DF-402E5A05F591} - (no file)
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\SYSTEM32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Computer Browser (Browser) - brother Industries Ltd - (no file)
O23 - Service: ColdFusion MX 7 Application Server - Macromedia Inc. - C:\CFusionMX7\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion MX 7 Search Server - Verity, Inc. - C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe
O23 - Service: Error Reporting Service (ERSvc) - Intel Corporation - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Help and Support (helpsvc) - Google - (no file)
O23 - Service: HID Input Service (HidServ) - Google - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Secondary Logon (seclogon) - Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - (no file)
O23 - Service: System Event Notification (SENS) - Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - (no file)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Distributed Link Tracking Client (TrkWks) - VIA Technologies, Inc. - (no file)

--
End of file - 45176 bytes
heartransp
2008-08-21, 00:28
As I mentioned above the Sypbot seemed to have disabled my main working files due to whatever. I lost my internet connection, and I wanted to run Spybot again to perhaps undo what I had done as it did not remove the xp antivirus 2008 and corrupted my system.

Unfortunately, since I lost my internet connection I could not run Spybot because it kept asking to upgrade the definitions. I went to a working system and downloaded the Spybot file. I then opened it and it upgraded the definitions. I copied the files to an usb flash drive and open the updated info in wordpad copied the files and pasted in the updated file on the system that was not working. I was able to run Spybot.

After many, many reruns by Spybot on the system allowing everything to open it finally deleted the XP Antivirus 2008 files and image. Since I was still not able to access most of my system files, I ran a Windows XP Home Edition repair....not recovery...but repair….very important since running recovery will delete your data files and programs. Search running repair on the internet and it will walk you through the repair. Running repair repaired my system folders especially my system32 files including my .dll files. I did not lose any of my data. I then was able to access my system folders and files and was able to connect to the internet.

I have not purchase a virus protection system and deleted the free ones that one’s ISP provides free. Now I have real protection…it is worth the cost.

All is fixed now. Good luck in fixing your systems.