A friend gave me an old computer of hers, I am having tons of trouble with it. Please advise! Here is my hijack log.
Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 9:31:13 PM, on 10/5/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\cnlhjh\yppoud.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\Winkeri.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\DownloadWare\dw.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\WINDOWS\System32\stcloader.exe
C:\WINDOWS\System32\winupdtl.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\ieswoa.exe
C:\WINDOWS\System32\pdii\orfrmt.exe
C:\WINDOWS\System32\ycphs\plwsplbo.exe
C:\WINDOWS\System32\hlgec\yirexd.exe
C:\WINDOWS\System32\xhhevxsx\ijxvki.exe
C:\WINDOWS\System32\ukem\lscoxog.exe
C:\WINDOWS\System32\ebcugpf\dxunrqp.exe
C:\WINDOWS\System32\yvpv\hpeqo.exe
C:\WINDOWS\System32\lqycd\lihvvjh.exe
C:\WINDOWS\System32\kjapkir\sgvq.exe
C:\WINDOWS\System32\sjxrv\tlnmhnc.exe
C:\WINDOWS\System32\usptamp\wfxbq.exe
C:\WINDOWS\System32\cxqm\gobpsu.exe
C:\WINDOWS\System32\rteq\jojw.exe
C:\WINDOWS\System32\mkktuum\fbfed.exe
C:\WINDOWS\System32\yygurocr\fktdya.exe
C:\WINDOWS\System32\wsvpsgj\wgsqgh.exe
C:\WINDOWS\System32\bfhlhx\jliawjd.exe
C:\WINDOWS\System32\dbwls\tawcjk.exe
C:\WINDOWS\System32\skuek\lqtucg.exe
C:\WINDOWS\System32\lbuaa\rattllj.exe
C:\WINDOWS\System32\keyjqsfv\auit.exe
C:\WINDOWS\System32\sxuonkxn\cdlbtxdf.exe
C:\WINDOWS\System32\wfuk\ngakdxv.exe
C:\WINDOWS\System32\fjistp\mntfhoj.exe
C:\WINDOWS\System32\lsjfltgk\uoky.exe
C:\WINDOWS\System32\bumeu\ktepq.exe
C:\WINDOWS\System32\xcber\mbok.exe
C:\WINDOWS\System32\bfryo\lfcdr.exe
C:\WINDOWS\System32\bhpdqt\kufeskd.exe
C:\WINDOWS\System32\pecpsa\xpfgi.exe
C:\WINDOWS\System32\ktyrr\wqpuiui.exe
C:\WINDOWS\System32\kilcbdpy\pxso.exe
C:\WINDOWS\System32\nrevv\rfdiymkj.exe
C:\WINDOWS\System32\bdsglann\wufrni.exe
C:\WINDOWS\System32\ijrnreon\jmnbmb.exe
C:\WINDOWS\System32\exttt\xpwcifcp.exe
C:\WINDOWS\System32\tqdjqpqw\klabffy.exe
C:\WINDOWS\System32\uaubcsuf\qkhekn.exe
C:\WINDOWS\System32\tjxlelb\bsdtwuyc.exe
C:\WINDOWS\System32\swibgru\rxdcmw.exe
C:\WINDOWS\System32\iere\qdpcycvb.exe
C:\WINDOWS\System32\uobg\dugo.exe
C:\WINDOWS\System32\rqrctrc\hnuek.exe
C:\WINDOWS\System32\ecan\adajkbw.exe
C:\WINDOWS\System32\bcijsbe\qnlqe.exe
C:\WINDOWS\System32\tfkkhnu\dmkm.exe
C:\WINDOWS\System32\hsibgne\owbkbuuk.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINDOWS\System32\lxubnh\vnpgiw.exe
C:\WINDOWS\System32\vpgy\jsyjgu.exe
C:\WINDOWS\System32\epof\hlge.exe
C:\WINDOWS\System32\yjpim\jteey.exe
C:\WINDOWS\System32\bein\toebkalo.exe
C:\WINDOWS\System32\ytkai\udbu.exe
C:\WINDOWS\System32\almo\ylbj.exe
C:\WINDOWS\System32\ntgfo\jmlriwcv.exe
C:\WINDOWS\System32\ktyty\iaes.exe
C:\WINDOWS\System32\cynkxm\rhbrqbc.exe
C:\WINDOWS\System32\dwnlgold\frytrsyy.exe
C:\WINDOWS\System32\vsydemu\bsvy.exe
C:\WINDOWS\System32\rumgi\vefw.exe
C:\WINDOWS\System32\lpsufgx\xbajkobs.exe
C:\WINDOWS\System32\ykypp\tvkg.exe
C:\WINDOWS\System32\oomjrte\sikuiyb.exe
C:\WINDOWS\System32\bmjk\oluhc.exe
C:\WINDOWS\System32\rtjbrdwb\klesuwt.exe
C:\WINDOWS\System32\fddw\hxfrljvu.exe
C:\WINDOWS\System32\txkumd\eaxvbx.exe
C:\WINDOWS\System32\topteyx\rhoyqgi.exe
C:\WINDOWS\System32\yeiy\yjhg.exe
C:\WINDOWS\System32\rjenws\uyghrac.exe
C:\WINDOWS\System32\bmtbf\xeoc.exe
C:\WINDOWS\System32\bkkbmhqy\grmmbts.exe
C:\WINDOWS\System32\gyhe\erowp.exe
C:\WINDOWS\System32\tfrqxjou\oiqlfjqf.exe
C:\WINDOWS\System32\yasabv\gyjvy.exe
C:\WINDOWS\System32\pmlmjobm\pfre.exe
C:\WINDOWS\System32\pmkdb\cmgyv.exe
C:\WINDOWS\System32\eubrlcjr\drhy.exe
C:\WINDOWS\System32\ctytarr\igtk.exe
C:\WINDOWS\System32\vuqjmgt\evofcqjc.exe
C:\WINDOWS\System32\wxglwmb\rknbxqrf.exe
C:\WINDOWS\System32\jfnonr\cewiw.exe
C:\WINDOWS\System32\tuphw\nsnel.exe
C:\WINDOWS\System32\hfgukg\ebwknq.exe
C:\WINDOWS\System32\jsymflg\lblggy.exe
C:\WINDOWS\System32\qwooeqx\xgqxjayd.exe
C:\WINDOWS\System32\vylg\jwxexbfb.exe
C:\WINDOWS\System32\dteg\hitiponr.exe
C:\WINDOWS\System32\emwbw\onlf.exe
C:\WINDOWS\System32\dnlniej\pjnpqpag.exe
C:\WINDOWS\System32\fgmicmk\oxdl.exe
C:\WINDOWS\System32\dkiq\qxlyip.exe
C:\WINDOWS\System32\aecvxtnj\kfaalr.exe
c:\progra~1\Support.com\client\bin\tgcmd.exe
C:\WINDOWS\System32\tilu\sarokk.exe
C:\WINDOWS\System32\cryv\jufa.exe
C:\WINDOWS\System32\wyxkboyg\mjrgsjo.exe
C:\WINDOWS\System32\breiclle\kallxig.exe
C:\WINDOWS\System32\olhova\ifilnqdk.exe
C:\WINDOWS\System32\qvlrfu\pdirwge.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\CxtPls\CxtPls.exe
C:\Program Files\America Online 7.0a\waol.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\System32\MsgSys.EXE
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\WINDOWS\System32\MOStat.exe
C:\Documents and Settings\Amanda\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://url.cpvfeed.com/cpv.jsp?p=110...uestId=4a2???? (obfuscated)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 216.39.69.102 view.atdmt.com
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: Network Essentials - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\Program Files\Network Essentials\v16\NE.DLL
O2 - BHO: TChkBHO Class - {2A1FF118-2679-4E66-8768-86F60AD490A2} - C:\WINDOWS\system32\iyxiu.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Zango Search Assistant Helper - {56F1D444-11BF-4879-A12B-79CF0177F038} - c:\program files\zango\zangohook.dll (file missing)
O2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\Program Files\Qlinks\qlink32.dll
O2 - BHO: (no name) - {8C0ACE31-734A-392C-F30E-9FBD7BB0A5E3} - C:\WINDOWS\System32\pysswhdr\xtdgcuqb.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll
O2 - BHO: IEHlprObj Class - {B78DB909-E6CE-4B4E-A582-C7CBA8D738C8} - C:\WINDOWS\system32\mob030612.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe
O4 - HKLM\..\Run: [MovieNetworks] "C:\Program Files\MovieNetworks\MovieNetworks.exe" /H
O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [stcloader] C:\WINDOWS\System32\stcloader.exe
O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\System32\winupdtl.exe
O4 - HKLM\..\Run: [VBouncerDL] C:\Program Files\VBouncer\VBouncerInner.exe /S
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [t7rg37V] ieswoa.exe
O4 - HKLM\..\Run: [PMT] C:\Program Files\PMT\personalmoneytree.exe
O4 - HKLM\..\Run: [jelmliv] C:\WINDOWS\System32\ymyj\jelmliv.exe
O4 - HKLM\..\Run: [abfiy] C:\WINDOWS\System32\omwqi\abfiy.exe
O4 - HKLM\..\Run: [iffi] C:\WINDOWS\System32\xytj\iffi.exe
O4 - HKLM\..\Run: [rghhfgub] C:\WINDOWS\System32\nhsx\rghhfgub.exe
O4 - HKLM\..\Run: [ursm] C:\WINDOWS\System32\xhhlvmev\ursm.exe
O4 - HKLM\..\Run: [yirexd] C:\WINDOWS\System32\hlgec\yirexd.exe
O4 - HKLM\..\Run: [rrwndlpg] C:\WINDOWS\System32\miedvl\rrwndlpg.exe
O4 - HKLM\..\Run: [sbrgsv] C:\WINDOWS\System32\esqocfk\sbrgsv.exe
O4 - HKLM\..\Run: [kkgfxx] C:\WINDOWS\System32\egws\kkgfxx.exe
O4 - HKLM\..\Run: [lacjwxg] C:\WINDOWS\System32\xvgtxci\lacjwxg.exe
O4 - HKLM\..\Run: [edecjkoj] C:\WINDOWS\System32\nbuo\edecjkoj.exe
O4 - HKLM\..\Run: [lscoxog] C:\WINDOWS\System32\ukem\lscoxog.exe
O4 - HKLM\..\Run: [dxunrqp] C:\WINDOWS\System32\ebcugpf\dxunrqp.exe
O4 - HKLM\..\Run: [luhvjtg] C:\WINDOWS\System32\qpkeg\luhvjtg.exe
O4 - HKLM\..\Run: [hpeqo] C:\WINDOWS\System32\yvpv\hpeqo.exe
O4 - HKLM\..\Run: [lihvvjh] C:\WINDOWS\System32\lqycd\lihvvjh.exe
O4 - HKLM\..\Run: [sgvq] C:\WINDOWS\System32\kjapkir\sgvq.exe
O4 - HKLM\..\Run: [xfads] C:\WINDOWS\System32\wthvpx\xfads.exe
O4 - HKLM\..\Run: [tlnmhnc] C:\WINDOWS\System32\sjxrv\tlnmhnc.exe
O4 - HKLM\..\Run: [xgjwfmt] C:\WINDOWS\System32\bafjn\xgjwfmt.exe
O4 - HKLM\..\Run: [gobpsu] C:\WINDOWS\System32\cxqm\gobpsu.exe
O4 - HKLM\..\Run: [jojw] C:\WINDOWS\System32\rteq\jojw.exe
O4 - HKLM\..\Run: [fbfed] C:\WINDOWS\System32\mkktuum\fbfed.exe
O4 - HKLM\..\Run: [fktdya] C:\WINDOWS\System32\yygurocr\fktdya.exe
O4 - HKLM\..\Run: [wgsqgh] C:\WINDOWS\System32\wsvpsgj\wgsqgh.exe
O4 - HKLM\..\Run: [jliawjd] C:\WINDOWS\System32\bfhlhx\jliawjd.exe
O4 - HKLM\..\Run: [tawcjk] C:\WINDOWS\System32\dbwls\tawcjk.exe
O4 - HKLM\..\Run: [lqtucg] C:\WINDOWS\System32\skuek\lqtucg.exe
O4 - HKLM\..\Run: [rattllj] C:\WINDOWS\System32\lbuaa\rattllj.exe
O4 - HKLM\..\Run: [auit] C:\WINDOWS\System32\keyjqsfv\auit.exe
O4 - HKLM\..\Run: [cdlbtxdf] C:\WINDOWS\System32\sxuonkxn\cdlbtxdf.exe
O4 - HKLM\..\Run: [ngakdxv] C:\WINDOWS\System32\wfuk\ngakdxv.exe
O4 - HKLM\..\Run: [pfgfsap] C:\WINDOWS\System32\dtcbodm\pfgfsap.exe
O4 - HKLM\..\Run: [pnfgdvy] C:\WINDOWS\System32\bmxwgk\pnfgdvy.exe
O4 - HKLM\..\Run: [mntfhoj] C:\WINDOWS\System32\fjistp\mntfhoj.exe
O4 - HKLM\..\Run: [uoky] C:\WINDOWS\System32\lsjfltgk\uoky.exe
O4 - HKLM\..\Run: [ktepq] C:\WINDOWS\System32\bumeu\ktepq.exe
O4 - HKLM\..\Run: [mbok] C:\WINDOWS\System32\xcber\mbok.exe
O4 - HKLM\..\Run: [lfcdr] C:\WINDOWS\System32\bfryo\lfcdr.exe
O4 - HKLM\..\Run: [kufeskd] C:\WINDOWS\System32\bhpdqt\kufeskd.exe
O4 - HKLM\..\Run: [xpfgi] C:\WINDOWS\System32\pecpsa\xpfgi.exe
O4 - HKLM\..\Run: [wqpuiui] C:\WINDOWS\System32\ktyrr\wqpuiui.exe
O4 - HKLM\..\Run: [pxso] C:\WINDOWS\System32\kilcbdpy\pxso.exe
O4 - HKLM\..\Run: [hkywnop] C:\WINDOWS\System32\gvtd\hkywnop.exe
O4 - HKLM\..\Run: [aenloen] C:\WINDOWS\System32\hfnydlkd\aenloen.exe
O4 - HKLM\..\Run: [rfdiymkj] C:\WINDOWS\System32\nrevv\rfdiymkj.exe
O4 - HKLM\..\Run: [wufrni] C:\WINDOWS\System32\bdsglann\wufrni.exe
O4 - HKLM\..\Run: [jmnbmb] C:\WINDOWS\System32\ijrnreon\jmnbmb.exe
O4 - HKLM\..\Run: [bqvvcc] C:\WINDOWS\System32\rapjn\bqvvcc.exe
O4 - HKLM\..\Run: [krqfmdyq] C:\WINDOWS\System32\rpixe\krqfmdyq.exe
O4 - HKLM\..\Run: [xpwcifcp] C:\WINDOWS\System32\exttt\xpwcifcp.exe
O4 - HKLM\..\Run: [klabffy] C:\WINDOWS\System32\tqdjqpqw\klabffy.exe
O4 - HKLM\..\Run: [qkhekn] C:\WINDOWS\System32\uaubcsuf\qkhekn.exe
O4 - HKLM\..\Run: [bsdtwuyc] C:\WINDOWS\System32\tjxlelb\bsdtwuyc.exe
O4 - HKLM\..\Run: [rxdcmw] C:\WINDOWS\System32\swibgru\rxdcmw.exe
O4 - HKLM\..\Run: [qdpcycvb] C:\WINDOWS\System32\iere\qdpcycvb.exe
O4 - HKLM\..\Run: [dugo] C:\WINDOWS\System32\uobg\dugo.exe
O4 - HKLM\..\Run: [hnuek] C:\WINDOWS\System32\rqrctrc\hnuek.exe
O4 - HKLM\..\Run: [adajkbw] C:\WINDOWS\System32\ecan\adajkbw.exe
O4 - HKLM\..\Run: [fyuefwc] C:\WINDOWS\System32\wknlv\fyuefwc.exe
O4 - HKLM\..\Run: [qnlqe] C:\WINDOWS\System32\bcijsbe\qnlqe.exe
O4 - HKLM\..\Run: [dmkm] C:\WINDOWS\System32\tfkkhnu\dmkm.exe
O4 - HKLM\..\Run: [qukhopd] C:\WINDOWS\System32\jdkefpy\qukhopd.exe
O4 - HKLM\..\Run: [owbkbuuk] C:\WINDOWS\System32\hsibgne\owbkbuuk.exe
O4 - HKLM\..\Run: [fyusp] C:\WINDOWS\System32\axoolby\fyusp.exe
O4 - HKLM\..\Run: [fvaxmh] C:\WINDOWS\System32\ckdeeebs\fvaxmh.exe
O4 - HKLM\..\Run: [NI.UWFX6_0001_N68M2301] "C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller.exe" -nag
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [vnpgiw] C:\WINDOWS\System32\lxubnh\vnpgiw.exe
O4 - HKLM\..\Run: [jsyjgu] C:\WINDOWS\System32\vpgy\jsyjgu.exe
O4 - HKLM\..\Run: [hlge] C:\WINDOWS\System32\epof\hlge.exe
O4 - HKLM\..\Run: [tujlkwg] C:\WINDOWS\System32\jdsmrhu\tujlkwg.exe
O4 - HKLM\..\Run: [aqpb] C:\WINDOWS\System32\sbqrr\aqpb.exe
O4 - HKLM\..\Run: [npqvuf] C:\WINDOWS\System32\kjqix\npqvuf.exe
O4 - HKLM\..\Run: [jteey] C:\WINDOWS\System32\yjpim\jteey.exe
O4 - HKLM\..\Run: [toebkalo] C:\WINDOWS\System32\bein\toebkalo.exe
O4 - HKLM\..\Run: [udbu] C:\WINDOWS\System32\ytkai\udbu.exe
O4 - HKLM\..\Run: [ylbj] C:\WINDOWS\System32\almo\ylbj.exe
O4 - HKLM\..\Run: [iaes] C:\WINDOWS\System32\ktyty\iaes.exe
O4 - HKLM\..\Run: [rhbrqbc] C:\WINDOWS\System32\cynkxm\rhbrqbc.exe
O4 - HKLM\..\Run: [njuhcqy] C:\WINDOWS\System32\wfwqme\njuhcqy.exe
O4 - HKLM\..\Run: [frytrsyy] C:\WINDOWS\System32\dwnlgold\frytrsyy.exe
O4 - HKLM\..\Run: [bsvy] C:\WINDOWS\System32\vsydemu\bsvy.exe
O4 - HKLM\..\Run: [vefw] C:\WINDOWS\System32\rumgi\vefw.exe
O4 - HKLM\..\Run: [uhye] C:\WINDOWS\System32\dcoavh\uhye.exe
O4 - HKLM\..\Run: [hnyeb] C:\WINDOWS\System32\ogef\hnyeb.exe
O4 - HKLM\..\Run: [xbajkobs] C:\WINDOWS\System32\lpsufgx\xbajkobs.exe
O4 - HKLM\..\Run: [tvkg] C:\WINDOWS\System32\ykypp\tvkg.exe
O4 - HKLM\..\Run: [nakf] C:\WINDOWS\System32\naxrjsgk\nakf.exe
O4 - HKLM\..\Run: [hbrqvo] C:\WINDOWS\System32\jrcy\hbrqvo.exe
O4 - HKLM\..\Run: [xojddul] C:\WINDOWS\System32\jgvnsdti\xojddul.exe
O4 - HKLM\..\Run: [sikuiyb] C:\WINDOWS\System32\oomjrte\sikuiyb.exe
O4 - HKLM\..\Run: [oluhc] C:\WINDOWS\System32\bmjk\oluhc.exe
O4 - HKLM\..\Run: [klesuwt] C:\WINDOWS\System32\rtjbrdwb\klesuwt.exe
O4 - HKLM\..\Run: [jyhr] C:\WINDOWS\System32\ssej\jyhr.exe
O4 - HKLM\..\Run: [hxfrljvu] C:\WINDOWS\System32\fddw\hxfrljvu.exe
O4 - HKLM\..\Run: [eaxvbx] C:\WINDOWS\System32\txkumd\eaxvbx.exe
O4 - HKLM\..\Run: [rhoyqgi] C:\WINDOWS\System32\topteyx\rhoyqgi.exe
O4 - HKLM\..\Run: [yjhg] C:\WINDOWS\System32\yeiy\yjhg.exe
O4 - HKLM\..\Run: [uyghrac] C:\WINDOWS\System32\rjenws\uyghrac.exe
O4 - HKLM\..\Run: [xeoc] C:\WINDOWS\System32\bmtbf\xeoc.exe
O4 - HKLM\..\Run: [grmmbts] C:\WINDOWS\System32\bkkbmhqy\grmmbts.exe
O4 - HKLM\..\Run: [erowp] C:\WINDOWS\System32\gyhe\erowp.exe
O4 - HKLM\..\Run: [oiqlfjqf] C:\WINDOWS\System32\tfrqxjou\oiqlfjqf.exe
O4 - HKLM\..\Run: [gyjvy] C:\WINDOWS\System32\yasabv\gyjvy.exe
O4 - HKLM\..\Run: [nkxeg] C:\WINDOWS\System32\yldoxpe\nkxeg.exe
O4 - HKLM\..\Run: [pfre] C:\WINDOWS\System32\pmlmjobm\pfre.exe
O4 - HKLM\..\Run: [chovumj] C:\WINDOWS\System32\sijao\chovumj.exe
O4 - HKLM\..\Run: [cmgyv] C:\WINDOWS\System32\pmkdb\cmgyv.exe
O4 - HKLM\..\Run: [lrvgtso] C:\WINDOWS\System32\gdukikk\lrvgtso.exe
O4 - HKLM\..\Run: [drhy] C:\WINDOWS\System32\eubrlcjr\drhy.exe
O4 - HKLM\..\Run: [igtk] C:\WINDOWS\System32\ctytarr\igtk.exe
O4 - HKLM\..\Run: [evofcqjc] C:\WINDOWS\System32\vuqjmgt\evofcqjc.exe
O4 - HKLM\..\Run: [tqieq] C:\WINDOWS\System32\ehwfntch\tqieq.exe
O4 - HKLM\..\Run: [rknbxqrf] C:\WINDOWS\System32\wxglwmb\rknbxqrf.exe
O4 - HKLM\..\Run: [cewiw] C:\WINDOWS\System32\jfnonr\cewiw.exe
O4 - HKLM\..\Run: [nsnel] C:\WINDOWS\System32\tuphw\nsnel.exe
O4 - HKLM\..\Run: [ebwknq] C:\WINDOWS\System32\hfgukg\ebwknq.exe
O4 - HKLM\..\Run: [lblggy] C:\WINDOWS\System32\jsymflg\lblggy.exe
O4 - HKLM\..\Run: [xgqxjayd] C:\WINDOWS\System32\qwooeqx\xgqxjayd.exe
O4 - HKLM\..\Run: [jwxexbfb] C:\WINDOWS\System32\vylg\jwxexbfb.exe
O4 - HKLM\..\Run: [hrbupnuo] C:\WINDOWS\System32\tfnujd\hrbupnuo.exe
O4 - HKLM\..\Run: [hitiponr] C:\WINDOWS\System32\dteg\hitiponr.exe
O4 - HKLM\..\Run: [wfxbq] C:\WINDOWS\System32\usptamp\wfxbq.exe
O4 - HKLM\..\Run: [onlf] C:\WINDOWS\System32\emwbw\onlf.exe
O4 - HKLM\..\Run: [pjnpqpag] C:\WINDOWS\System32\dnlniej\pjnpqpag.exe
O4 - HKLM\..\Run: [oxdl] C:\WINDOWS\System32\fgmicmk\oxdl.exe
O4 - HKLM\..\Run: [qxlyip] C:\WINDOWS\System32\dkiq\qxlyip.exe
O4 - HKLM\..\Run: [kfaalr] C:\WINDOWS\System32\aecvxtnj\kfaalr.exe
O4 - HKLM\..\Run: [sarokk] C:\WINDOWS\System32\tilu\sarokk.exe
O4 - HKLM\..\Run: [yppoud] C:\WINDOWS\System32\cnlhjh\yppoud.exe
O4 - HKLM\..\Run: [ijxvki] C:\WINDOWS\System32\xhhevxsx\ijxvki.exe
O4 - HKLM\..\Run: [jufa] C:\WINDOWS\System32\cryv\jufa.exe
O4 - HKLM\..\Run: [mjrgsjo] C:\WINDOWS\System32\wyxkboyg\mjrgsjo.exe
O4 - HKLM\..\Run: [kallxig] C:\WINDOWS\System32\breiclle\kallxig.exe
O4 - HKLM\..\Run: [ifilnqdk] C:\WINDOWS\System32\olhova\ifilnqdk.exe
O4 - HKLM\..\Run: [pdirwge] C:\WINDOWS\System32\qvlrfu\pdirwge.exe
O4 - HKLM\..\Run: [orfrmt] C:\WINDOWS\System32\pdii\orfrmt.exe
O4 - HKLM\..\Run: [plwsplbo] C:\WINDOWS\System32\ycphs\plwsplbo.exe
O4 - HKLM\..\Run: [jmlriwcv] C:\WINDOWS\System32\ntgfo\jmlriwcv.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0a\aoltray.exe
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: *.crosskirknet.com (HKLM)
O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
O15 - Trusted Zone: *.errorsafe.com (HKLM)
O15 - Trusted Zone: *.filesharingaccess.com (HKLM)
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: *.gimmysmileys.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.kabum.pl (HKLM)
O15 - Trusted Zone: *.kazaa-forum.com (HKLM)
O15 - Trusted Zone: *.media-motor.com (HKLM)
O15 - Trusted Zone: *.media-motor.net (HKLM)
O15 - Trusted Zone: *.mediatickets.net (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O15 - Trusted Zone: *.traffic-stats.org (HKLM)
O15 - Trusted Zone: *.winantivirus.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.winfixer.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.yoursitebar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.zango.com (HKLM)
O15 - Trusted Zone: *.zangocash.com (HKLM)
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.pbcprc.com/CFIDE/classes/CFJava.cab
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nenenc.mht!http://crosskirknet.com/script/cnet.chm::/cnet.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.sharewareonline.com/...er/Install.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_mp3.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://lovefreegames.aavalue.com/LFG...FG-toolbar.cab
O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} (IObjSafety.DemoCtl) - ms-its:mhtml:file://c:\nenenm.mht!http://crosskirknet.com/script/mma.chm::/alien.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zang...ridge-c139.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - http://start1.aaa1screensavers.com/10078.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - ms-its:mhtml:file://c:\nenent.mht!http://crosskirknet.com/script/mta.c...sInstaller.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - ms-its:mhtml:file://c:\nenenw.mht!http://crosskirknet.com/script/winfi...reeInstall.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.31/ttinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O16 - DPF: {EB6AFDAB-E16D-430B-A5EE-0408A12289DC} - http://download.mediacharger.com/movienetworks.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C7A1227-FF2A-4F4C-9D89-B27BCD830995}: NameServer = 205.188.146.145
O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\Program Files\Qlinks\qlink32.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: aqpbsbqrr - Unknown owner - C:\WINDOWS\System32\sbqrr\aqpb.exe
O23 - Service: bqvvccrapjn - Unknown owner - C:\WINDOWS\System32\rapjn\bqvvcc.exe
O23 - Service: DefWatch - Unknown owner - C:\Program Files\NavNT\defwatch.exe (file missing)
O23 - Service: fyuspaxoolby - Unknown owner - C:\WINDOWS\System32\axoolby\fyusp.exe
O23 - Service: hnyebogef - Unknown owner - C:\WINDOWS\System32\ogef\hnyeb.exe
O23 - Service: jyhrssej - Unknown owner - C:\WINDOWS\System32\ssej\jyhr.exe
O23 - Service: krqfmdyqrpixe - Unknown owner - C:\WINDOWS\System32\rpixe\krqfmdyq.exe
O23 - Service: lacjwxgxvgtxci - Unknown owner - C:\WINDOWS\System32\xvgtxci\lacjwxg.exe
O23 - Service: luhvjtgqpkeg - Unknown owner - C:\WINDOWS\System32\qpkeg\luhvjtg.exe
O23 - Service: pnfgdvybmxwgk - Unknown owner - C:\WINDOWS\System32\bmxwgk\pnfgdvy.exe
O23 - Service: qukhopdjdkefpy - Unknown owner - C:\WINDOWS\System32\jdkefpy\qukhopd.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: ursmxhhlvmev - Unknown owner - C:\WINDOWS\System32\xhhlvmev\ursm.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Winkeri - Unknown owner - C:\WINDOWS\System32\Winkeri.exe
O23 - Service: xgjwfmtbafjn - Unknown owner - C:\WINDOWS\System32\bafjn\xgjwfmt.exe
O23 - Service: yppoudcnlhjh - Unknown owner - C:\WINDOWS\System32\cnlhjh\yppoud.exe