ccstoys
2009-09-01, 21:27
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:10:27 PM, on 9/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Common Files\AOL\1109011534\ee\AOLSoftware.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Common Files\AOL\1109011534\EE\aolsoftware.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1109011534\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6403] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4242] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3642] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5379] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5932] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6783] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4474] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3249] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8378] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2927] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6089] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC949] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7810] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5486] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5191] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9959] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2233] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9777] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA872] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1138] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3649] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5102] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8118] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5350] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5919] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6971] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC589] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9913] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6123] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3508] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4814] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2913] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1207] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5946] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4091] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9353] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3593] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8939] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC213] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7054] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9596] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6753] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3520] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA361] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3746] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9263] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3089] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8462] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3385] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3174] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC540] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA582] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7285] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9622] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8536] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8311] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4924] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7358] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9805] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8493] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4784] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA584] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1328] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3428] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4806] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2075] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA371] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1757] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3514] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2855] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8677] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC973] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3814] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7296] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA41] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2878] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4696] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9107] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1400] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC592] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4697] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3671] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4276] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8047] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA626] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8619] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4941] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8161] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4242] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3205] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1122] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5552] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA533] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6352] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7519] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1230] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA256] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8796] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\RunOnce: [SpybotDeletingB9468] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD281] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB221] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8342] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1047] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3623] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1007] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8978] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7620] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8619] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2860] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7356] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7383] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6287] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6731] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2408] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9214] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3683] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7978] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4172] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6345] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4261] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8300] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8460] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5847] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2972] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5580] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5704] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6277] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9131] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5147] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8648] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8222] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4585] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3894] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6504] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1353] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7999] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB373] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9012] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB607] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9181] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8175] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD256] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4515] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4164] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2126] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8684] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8262] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD371] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4941] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5655] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3553] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9582] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3313] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8726] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB969] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8986] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1678] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2456] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6148] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6228] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6170] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3750] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7824] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9494] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2765] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8422] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6021] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2641] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB781] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9943] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5089] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3992] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB335] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7628] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7709] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7127] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3009] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1883] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6530] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1553] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4631] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6690] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7406] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9957] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2248] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1949] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7765] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7438] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4459] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9442] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6752] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7363] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8600] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5570] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4492] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7737] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7552] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - Startup: ERUNT AutoBackup.lnk = C:\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} (MetaStreamCtl Class) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} (Rhapsody Player Engine) - http://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.xdrive.com/downloads/std_install/setup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127680319483
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164057470125
O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://support.gateway.com/eSupport/static/weblaunch/weblaunch.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4598/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: (no name) - http://pictures.sprintpcs.com/i/115948118661_3300.jpg?ext=.jpg&border=2,255,255,255,1,0,0,0,0&outquality=90
O24 - Desktop Component 1: (no name) - http://l.yimg.com/us.js.yimg.com/lib/pim/r/medici/16_11/mail/mailcommonlib.js
--
End of file - 34969 bytes
Scan saved at 3:10:27 PM, on 9/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Common Files\AOL\1109011534\ee\AOLSoftware.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Common Files\AOL\1109011534\EE\aolsoftware.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1109011534\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6403] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4242] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3642] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5379] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5932] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6783] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4474] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3249] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8378] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2927] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6089] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC949] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7810] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5486] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5191] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9959] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2233] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9777] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA872] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1138] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3649] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5102] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8118] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5350] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5919] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6971] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC589] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9913] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6123] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3508] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4814] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2913] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1207] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5946] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4091] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9353] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3593] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8939] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC213] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7054] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9596] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6753] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3520] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA361] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3746] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9263] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3089] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8462] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3385] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3174] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC540] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA582] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7285] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9622] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8536] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8311] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4924] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7358] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9805] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8493] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4784] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA584] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1328] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3428] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4806] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2075] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA371] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1757] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3514] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2855] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8677] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC973] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3814] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7296] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA41] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2878] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4696] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9107] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1400] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC592] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4697] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3671] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4276] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8047] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA626] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8619] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4941] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8161] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4242] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3205] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1122] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5552] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA533] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6352] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7519] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1230] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA256] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8796] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\RunOnce: [SpybotDeletingB9468] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD281] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB221] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8342] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1047] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3623] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1007] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8978] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7620] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8619] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2860] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7356] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7383] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6287] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6731] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2408] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9214] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3683] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7978] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4172] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6345] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4261] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8300] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8460] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5847] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2972] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5580] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5704] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6277] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9131] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5147] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8648] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8222] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4585] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3894] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6504] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1353] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7999] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB373] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9012] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB607] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9181] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8175] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD256] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4515] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4164] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2126] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8684] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8262] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD371] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4941] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5655] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3553] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9582] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3313] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8726] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB969] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8986] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1678] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2456] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6148] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6228] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6170] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3750] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7824] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9494] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2765] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8422] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6021] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2641] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB781] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9943] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5089] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3992] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB335] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7628] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7709] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7127] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3009] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1883] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6530] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1553] command.com /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4631] cmd.exe /c del "C:\WINDOWS\system32\drivers\kbiwkmpnqvsakd.sys"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6690] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7406] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9957] command.com /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2248] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmiiflamut.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1949] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7765] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7438] command.com /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4459] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmjqxncofk.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9442] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6752] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7363] command.com /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8600] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmealykyjl.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5570] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4492] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7737] command.com /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7552] cmd.exe /c del "C:\WINDOWS\system32\kbiwkmgynhtnrb.dat"
O4 - Startup: ERUNT AutoBackup.lnk = C:\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} (MetaStreamCtl Class) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92} (Rhapsody Player Engine) - http://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.xdrive.com/downloads/std_install/setup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127680319483
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164057470125
O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://support.gateway.com/eSupport/static/weblaunch/weblaunch.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4598/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: (no name) - http://pictures.sprintpcs.com/i/115948118661_3300.jpg?ext=.jpg&border=2,255,255,255,1,0,0,0,0&outquality=90
O24 - Desktop Component 1: (no name) - http://l.yimg.com/us.js.yimg.com/lib/pim/r/medici/16_11/mail/mailcommonlib.js
--
End of file - 34969 bytes