Hijackthis Log

[kohu]

My problem is my computer is running a lot slower than normal. Please help.

Logfile of HijackThis v1.99.1

Scan saved at 10:36:30 AM, on 3/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\wscntfy.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\System32\hphmon05.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Lexmark 2400 Series\lxcrmon.exe

C:\Program Files\Lexmark 2400 Series\ezprint.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\Cyb2k.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\Program Files\WiFiConnector\NintendoWFCReg.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\HJT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [updateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"

O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [C2K] C:\WINDOWS\Cyb2k.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

O4 - HKCU\..\Run: [com11N] RunDll32.exe C:\WINDOWS\system32\com11N.dll,Setup

O4 - HKCU\..\Run: [netcfgx] C:\WINDOWS\system32\netcfgx.exe

O4 - HKCU\..\Run: [wxluql] "C:\WINDOWS\system32\wxluql.exe"

O4 - HKCU\..\Run: [webclnt] C:\WINDOWS\system32\webclnt.exe

O4 - HKCU\..\Run: [dx8vb] C:\WINDOWS\system32\dx8vb.exe

O4 - HKCU\..\Run: [bitsprx3] C:\WINDOWS\system32\bitsprx3.exe

O4 - HKCU\..\Run: [mspmsp] C:\WINDOWS\system32\mspmsp.exe

O4 - HKCU\..\Run: [usrcntra] C:\WINDOWS\system32\usrcntra.exe

O4 - HKCU\..\Run: [odbcji32] C:\WINDOWS\system32\odbcji32.exe

O4 - HKCU\..\Run: [t2embed] C:\WINDOWS\system32\t2embed.exe

O4 - HKCU\..\Run: [explorer] C:\WINDOWS\explorer.exe

O4 - HKCU\..\Run: [kbdycc] C:\WINDOWS\system32\kbdycc.exe

O4 - HKCU\..\Run: [iexplore] C:\Program Files\Internet Explorer\iexplore.exe

O4 - HKCU\..\Run: [msidntld] C:\WINDOWS\system32\msidntld.exe

O4 - HKCU\..\Run: [plustab] C:\WINDOWS\system32\plustab.exe

O4 - HKCU\..\Run: [mprui] C:\WINDOWS\system32\mprui.exe

O4 - HKCU\..\Run: [wshtcpip] C:\WINDOWS\system32\wshtcpip.exe

O4 - HKCU\..\Run: [borlndmm] C:\WINDOWS\system32\borlndmm.exe

O4 - HKCU\..\Run: [setupapi] C:\WINDOWS\system32\setupapi.exe

O4 - HKCU\..\Run: [rasser] C:\WINDOWS\system32\rasser.exe

O4 - HKCU\..\Run: [lxcrinst] C:\WINDOWS\system32\lxcrinst.exe

O4 - HKCU\..\Run: [ltimg10n] C:\WINDOWS\system32\ltimg10n.exe

O4 - HKCU\..\Run: [cic] C:\WINDOWS\system32\cic.exe

O4 - HKCU\..\Run: [msnsspc] C:\WINDOWS\system32\msnsspc.exe

O4 - HKCU\..\Run: [sclgntfy] C:\WINDOWS\system32\sclgntfy.exe

O4 - HKCU\..\Run: [clbcatex] C:\WINDOWS\system32\clbcatex.exe

O4 - HKCU\..\Run: [apphelp] C:\WINDOWS\system32\apphelp.exe

O4 - HKCU\..\Run: [odbccr32] C:\WINDOWS\system32\odbccr32.exe

O4 - HKCU\..\Run: [rtipxmib] C:\WINDOWS\system32\rtipxmib.exe

O4 - HKCU\..\Run: [kbdic] C:\WINDOWS\system32\kbdic.exe

O4 - HKCU\..\Run: [lxcrinsb] C:\WINDOWS\system32\lxcrinsb.exe

O4 - HKCU\..\Run: [cfgmgr32] C:\WINDOWS\system32\cfgmgr32.exe

O4 - HKCU\..\Run: [miglibnt] C:\WINDOWS\system32\miglibnt.exe

O4 - HKCU\..\Run: [ativvaxx] C:\WINDOWS\system32\ativvaxx.exe

O4 - HKCU\..\Run: [itss] C:\WINDOWS\system32\itss.exe

O4 - HKCU\..\Run: [esentprf] C:\WINDOWS\system32\esentprf.exe

O4 - HKCU\..\Run: [ltkrn11n] C:\WINDOWS\system32\ltkrn11n.exe

O4 - HKCU\..\Run: [ccfgnt] C:\WINDOWS\system32\ccfgnt.exe

O4 - HKCU\..\Run: [1] "C:\WINDOWS\system32\1.exe"

O4 - HKCU\..\Run: [wdlsjm] "C:\WINDOWS\system32\wdlsjm.exe"

O4 - HKCU\..\Run: [wtgac] "C:\WINDOWS\system32\wtgac.exe"

O4 - HKCU\..\Run: [wjmyret] "C:\WINDOWS\system32\wjmyret.exe"

O4 - HKCU\..\Run: [wpwerlgs] "C:\WINDOWS\system32\wpwerlgs.exe"

O4 - HKCU\..\Run: [iassam] C:\WINDOWS\system32\iassam.exe

O4 - HKCU\..\Run: [walfwey] "C:\WINDOWS\system32\walfwey.exe"

O4 - HKCU\..\Run: [wfuotvq] "C:\WINDOWS\system32\wfuotvq.exe"

O4 - HKCU\..\Run: [wlmjiko] "C:\WINDOWS\system32\wlmjiko.exe"

O4 - HKCU\..\Run: [wrpmu] "C:\WINDOWS\system32\wrpmu.exe"

O4 - HKCU\..\Run: [wyxb] "C:\WINDOWS\system32\wyxb.exe"

O4 - HKCU\..\Run: [wgujry] "C:\WINDOWS\system32\wgujry.exe"

O4 - HKCU\..\Run: [wpscpw] "C:\WINDOWS\system32\wpscpw.exe"

O4 - HKCU\..\Run: [wgrwnvqgm] "C:\WINDOWS\system32\wgrwnvqgm.exe"

O4 - HKCU\..\Run: [wmrnxn] "C:\WINDOWS\system32\wmrnxn.exe"

O4 - HKCU\..\Run: [wesh] "C:\WINDOWS\system32\wesh.exe"

O4 - HKCU\..\Run: [wxxkobjhf] "C:\WINDOWS\system32\wxxkobjhf.exe"

O4 - HKCU\..\Run: [wynbnuob] "C:\WINDOWS\system32\wynbnuob.exe"

O4 - HKCU\..\Run: [wvfp] "C:\WINDOWS\system32\wvfp.exe"

O4 - HKCU\..\Run: [wfqnxn] "C:\WINDOWS\system32\wfqnxn.exe"

O4 - HKCU\..\Run: [wpeyo] "C:\WINDOWS\system32\wpeyo.exe"

O4 - HKCU\..\Run: [wcrwtyb] "C:\WINDOWS\system32\wcrwtyb.exe"

O4 - HKCU\..\Run: [wbdjkku] "C:\WINDOWS\system32\wbdjkku.exe"

O4 - HKCU\..\Run: [wwftyxj] "C:\WINDOWS\system32\wwftyxj.exe"

O4 - HKCU\..\Run: [wvuctb] "C:\WINDOWS\system32\wvuctb.exe"

O4 - HKCU\..\Run: [wreilv] "C:\WINDOWS\system32\wreilv.exe"

O4 - HKCU\..\Run: [wgntey] "C:\WINDOWS\system32\wgntey.exe"

O4 - HKCU\..\Run: [wobwoma] "C:\WINDOWS\system32\wobwoma.exe"

O4 - HKCU\..\Run: [wxjisu] "C:\WINDOWS\system32\wxjisu.exe"

O4 - HKCU\..\Run: [wqkfnpt] "C:\WINDOWS\system32\wqkfnpt.exe"

O4 - HKCU\..\Run: [wwnbta] "C:\WINDOWS\system32\wwnbta.exe"

O4 - HKCU\..\Run: [warxgjt] "C:\WINDOWS\system32\warxgjt.exe"

O4 - HKCU\..\Run: [wtgnd] "C:\WINDOWS\system32\wtgnd.exe"

O4 - HKCU\..\Run: [wgnryw] "C:\WINDOWS\system32\wgnryw.exe"

O4 - HKCU\..\Run: [wrtg] "C:\WINDOWS\system32\wrtg.exe"

O4 - HKCU\..\Run: [wunwcma] "C:\WINDOWS\system32\wunwcma.exe"

O4 - HKCU\..\Run: [wsj] "C:\WINDOWS\system32\wsj.exe"

O4 - HKCU\..\Run: [wjmmyu] "C:\WINDOWS\system32\wjmmyu.exe"

O4 - HKCU\..\Run: [wqdksiek] "C:\WINDOWS\system32\wqdksiek.exe"

O4 - HKCU\..\Run: [wukkg] "C:\WINDOWS\system32\wukkg.exe"

O4 - HKCU\..\Run: [wvcfyks] "C:\WINDOWS\system32\wvcfyks.exe"

O4 - HKCU\..\Run: [wgpmhm] "C:\WINDOWS\system32\wgpmhm.exe"

O4 - HKCU\..\Run: [wemoy] "C:\WINDOWS\system32\wemoy.exe"

O4 - HKCU\..\Run: [wurjhsw] "C:\WINDOWS\system32\wurjhsw.exe"

O4 - HKCU\..\Run: [wped] "C:\WINDOWS\system32\wped.exe"

O4 - HKCU\..\Run: [wkxoujg] "C:\WINDOWS\system32\wkxoujg.exe"

O4 - HKCU\..\Run: [wwwwgt] "C:\WINDOWS\system32\wwwwgt.exe"

O4 - HKCU\..\Run: [wcdvmom] "C:\WINDOWS\system32\wcdvmom.exe"

O4 - HKCU\..\Run: [wwfj] "C:\WINDOWS\system32\wwfj.exe"

O4 - HKCU\..\Run: [wgdqmoxtd] "C:\WINDOWS\system32\wgdqmoxtd.exe"

O4 - HKCU\..\Run: [wcmhvms] "C:\WINDOWS\system32\wcmhvms.exe"

O4 - HKCU\..\Run: [wrfquawcj] "C:\WINDOWS\system32\wrfquawcj.exe"

O4 - HKCU\..\Run: [wcfr] "C:\WINDOWS\system32\wcfr.exe"

O4 - HKCU\..\Run: [wrvrj] "C:\WINDOWS\system32\wrvrj.exe"

O4 - HKCU\..\Run: [wqjmqkg] "C:\WINDOWS\system32\wqjmqkg.exe"

O4 - HKCU\..\Run: [woj] "C:\WINDOWS\system32\woj.exe"

O4 - HKCU\..\Run: [wmigeqpw] "C:\WINDOWS\system32\wmigeqpw.exe"

O4 - HKCU\..\Run: [wtqkmgq] "C:\WINDOWS\system32\wtqkmgq.exe"

O4 - HKCU\..\Run: [whbs] "C:\WINDOWS\system32\whbs.exe"

O4 - HKCU\..\Run: [wpor] "C:\WINDOWS\system32\wpor.exe"

O4 - HKCU\..\Run: [wyvo] "C:\WINDOWS\system32\wyvo.exe"

O4 - HKCU\..\Run: [wrrwqvh] "C:\WINDOWS\system32\wrrwqvh.exe"

O4 - HKCU\..\Run: [wghj] "C:\WINDOWS\system32\wghj.exe"

O4 - HKCU\..\Run: [webtxa] "C:\WINDOWS\system32\webtxa.exe"

O4 - HKCU\..\Run: [whdtymxgf] "C:\WINDOWS\system32\whdtymxgf.exe"

O4 - HKCU\..\Run: [wedbrt] "C:\WINDOWS\system32\wedbrt.exe"

O4 - HKCU\..\Run: [wtcje] "C:\WINDOWS\system32\wtcje.exe"

O4 - HKCU\..\Run: [wvcbiks] "C:\WINDOWS\system32\wvcbiks.exe"

O4 - HKCU\..\Run: [wejl] "C:\WINDOWS\system32\wejl.exe"

O4 - HKCU\..\Run: [wdti] "C:\WINDOWS\system32\wdti.exe"

O4 - HKCU\..\Run: [wjtxbwq] "C:\WINDOWS\system32\wjtxbwq.exe"

O4 - HKCU\..\Run: [wprwkn] "C:\WINDOWS\system32\wprwkn.exe"

O4 - HKCU\..\Run: [wlmgrhuq] "C:\WINDOWS\system32\wlmgrhuq.exe"

O4 - HKCU\..\Run: [wpm] "C:\WINDOWS\system32\wpm.exe"

O4 - HKCU\..\Run: [wujja] "C:\WINDOWS\system32\wujja.exe"

O4 - HKCU\..\Run: [wreptjplh] "C:\WINDOWS\system32\wreptjplh.exe"

O4 - HKCU\..\Run: [wie] "C:\WINDOWS\system32\wie.exe"

O4 - HKCU\..\Run: [wxumr] "C:\WINDOWS\system32\wxumr.exe"

O4 - HKCU\..\Run: [whlyke] "C:\WINDOWS\system32\whlyke.exe"

O4 - HKCU\..\Run: [HTFU] "C:\Documents and Settings\Pete's\HTFU.exe"

O4 - HKCU\..\Run: [wdbyl] "C:\WINDOWS\system32\wdbyl.exe"

O4 - HKCU\..\Run: [GGAI] "C:\Documents and Settings\Pete's\GGAI.exe"

O4 - HKCU\..\Run: [wqkmtpmte] "C:\WINDOWS\system32\wqkmtpmte.exe"

O4 - HKCU\..\Run: [FFIP] "C:\Documents and Settings\Pete's\FFIP.exe"

O4 - HKCU\..\Run: [wsqyk] "C:\WINDOWS\system32\wsqyk.exe"

O4 - HKCU\..\Run: [CEPN] "C:\Documents and Settings\Pete's\CEPN.exe"

O4 - HKCU\..\Run: [wne] "C:\WINDOWS\system32\wne.exe"

O4 - HKCU\..\Run: [wrxpwr] "C:\WINDOWS\system32\wrxpwr.exe"

O4 - HKCU\..\Run: [bQDN] "C:\Documents and Settings\Pete's\BQDN.exe"

O4 - HKCU\..\Run: [wtbt] "C:\WINDOWS\system32\wtbt.exe"

O4 - HKCU\..\Run: [wln] "C:\WINDOWS\system32\wln.exe"

O4 - HKCU\..\Run: [TJNU] "C:\Documents and Settings\Pete's\TJNU.exe"

O4 - HKCU\..\Run: [wfgmprnv] "C:\WINDOWS\system32\wfgmprnv.exe"

O4 - HKCU\..\Run: [QFPB] "C:\Documents and Settings\Pete's\QFPB.exe"

O4 - HKCU\..\Run: [wmrpkj] "C:\WINDOWS\system32\wmrpkj.exe"

O4 - HKCU\..\Run: [FOJQ] "C:\Documents and Settings\Pete's\FOJQ.exe"

O4 - HKCU\..\Run: [whthvk] "C:\WINDOWS\system32\whthvk.exe"

O4 - HKCU\..\Run: [JMKP] "C:\Documents and Settings\Pete's\JMKP.exe"

O4 - HKCU\..\Run: [wdlvxemj] "C:\WINDOWS\system32\wdlvxemj.exe"

O4 - HKCU\..\Run: [QSFD] "C:\Documents and Settings\Pete's\QSFD.exe"

O4 - HKCU\..\Run: [wyvvbbsy] "C:\WINDOWS\system32\wyvvbbsy.exe"

O4 - HKCU\..\Run: [iQSI] "C:\Documents and Settings\Pete's\IQSI.exe"

O4 - HKCU\..\Run: [wdnwoqo] "C:\WINDOWS\system32\wdnwoqo.exe"

O4 - HKCU\..\Run: [PANG] "C:\Documents and Settings\Pete's\PANG.exe"

O4 - HKCU\..\Run: [wprkjp] "C:\WINDOWS\system32\wprkjp.exe"

O4 - HKCU\..\Run: [GMBA] "C:\Documents and Settings\Pete's\GMBA.exe"

O4 - HKCU\..\Run: [wbkirlj] "C:\WINDOWS\system32\wbkirlj.exe"

O4 - HKCU\..\Run: [EEIS] "C:\Documents and Settings\Pete's\EEIS.exe"

O4 - HKCU\..\Run: [wcbfdu] "C:\WINDOWS\system32\wcbfdu.exe"

O4 - HKCU\..\Run: [EGAF] "C:\Documents and Settings\Pete's\EGAF.exe"

O4 - HKCU\..\Run: [NJRB] "C:\Documents and Settings\Pete's\NJRB.exe"

O4 - HKCU\..\Run: [PJNC] "C:\Documents and Settings\Pete's\PJNC.exe"

O4 - HKCU\..\Run: [bUIC] "C:\Documents and Settings\Pete's\BUIC.exe"

O4 - HKCU\..\Run: [GNMS] "C:\Documents and Settings\Pete's\GNMS.exe"

O4 - HKCU\..\Run: [CGAH] "C:\Documents and Settings\Pete's\CGAH.exe"

O4 - HKCU\..\Run: [TDOB] "C:\Documents and Settings\Pete's\TDOB.exe"

O4 - HKCU\..\Run: [LJGR] "C:\Documents and Settings\Pete's\LJGR.exe"

O4 - HKCU\..\Run: [iULQ] "C:\Documents and Settings\Pete's\IULQ.exe"

O4 - HKCU\..\Run: [PTUU] "C:\Documents and Settings\Pete's\PTUU.exe"

O4 - HKCU\..\Run: [NIJD] "C:\Documents and Settings\Pete's\NIJD.exe"

O4 - HKCU\..\Run: [CQSD] "C:\Documents and Settings\Pete's\CQSD.exe"

O4 - HKCU\..\Run: [EETM] "C:\Documents and Settings\Pete's\EETM.exe"

O4 - HKCU\..\Run: [TCIM] "C:\Documents and Settings\Pete's\TCIM.exe"

O4 - HKCU\..\Run: [GASJ] "C:\Documents and Settings\Pete's\GASJ.exe"

O4 - HKCU\..\Run: [iHSD] "C:\Documents and Settings\Pete's\IHSD.exe"

O4 - HKCU\..\Run: [RKGH] "C:\Documents and Settings\Pete's\RKGH.exe"

O4 - HKCU\..\Run: [JOMC] "C:\Documents and Settings\Pete's\JOMC.exe"

O4 - HKCU\..\Run: [iLCK] "C:\Documents and Settings\Pete's\ILCK.exe"

O4 - HKCU\..\Run: [KRQU] "C:\Documents and Settings\Pete's\KRQU.exe"

O4 - HKCU\..\Run: [MGGP] "C:\Documents and Settings\Pete's\MGGP.exe"

O4 - HKCU\..\Run: [DDKD] "C:\WINDOWS\system32\DDKD.exe"

O4 - HKCU\..\Run: [HLID] "C:\WINDOWS\system32\HLID.exe"

O4 - HKCU\..\Run: [PIQJ] "C:\Documents and Settings\Pete's\PIQJ.exe"

O4 - HKCU\..\Run: [iAQM] "C:\Documents and Settings\Pete's\IAQM.exe"

O4 - HKCU\..\Run: [HCAR] "C:\Documents and Settings\Pete's\HCAR.exe"

O4 - HKCU\..\Run: [TDRF] "C:\Documents and Settings\Pete's\TDRF.exe"

O4 - HKCU\..\Run: [APFK] "C:\Documents and Settings\Pete's\APFK.exe"

O4 - HKCU\..\Run: [EATI] "C:\Documents and Settings\Pete's\EATI.exe"

O4 - HKCU\..\Run: [AGKN] "C:\Documents and Settings\Pete's\AGKN.exe"

O4 - HKCU\..\Run: [HPHK] "C:\Documents and Settings\Pete's\HPHK.exe"

O4 - HKCU\..\Run: [bPNB] "C:\Documents and Settings\Pete's\BPNB.exe"

O4 - HKCU\..\Run: [DHES] "C:\Documents and Settings\Pete's\DHES.exe"

O4 - HKCU\..\Run: [TSMB] "C:\Documents and Settings\Pete's\TSMB.exe"

O4 - HKCU\..\Run: [OKFI] "C:\Documents and Settings\Pete's\OKFI.exe"

O4 - HKCU\..\Run: [OMLF] "C:\Documents and Settings\Pete's\OMLF.exe"

O4 - HKCU\..\Run: [KIJM] "C:\Documents and Settings\Pete's\KIJM.exe"

O4 - HKCU\..\Run: [KICA] "C:\Documents and Settings\Pete's\KICA.exe"

O4 - HKCU\..\Run: [QGRL] "C:\Documents and Settings\Pete's\QGRL.exe"

O4 - HKCU\..\Run: [EUMS] "C:\Documents and Settings\Pete's\EUMS.exe"

O4 - HKCU\..\Run: [MECC] "C:\Documents and Settings\Pete's\MECC.exe"

O4 - HKCU\..\Run: [LNJK] "C:\Documents and Settings\Pete's\LNJK.exe"

O4 - HKCU\..\Run: [QEIH] "C:\Documents and Settings\Pete's\QEIH.exe"

O4 - HKCU\..\Run: [iNNF] "C:\Documents and Settings\Pete's\INNF.exe"

O4 - HKCU\..\Run: [LQIH] "C:\Documents and Settings\Pete's\LQIH.exe"

O4 - HKCU\..\Run: [OJEE] "C:\Documents and Settings\Pete's\OJEE.exe"

O4 - HKCU\..\Run: [PDUJ] "C:\Documents and Settings\Pete's\PDUJ.exe"

O4 - HKCU\..\Run: [JJNT] "C:\Documents and Settings\Pete's\JJNT.exe"

O4 - HKCU\..\Run: [ESJU] "C:\Documents and Settings\Pete's\ESJU.exe"

O4 - HKCU\..\Run: [KUQC] "C:\Documents and Settings\Pete's\KUQC.exe"

O4 - HKCU\..\Run: [KRIB] "C:\Documents and Settings\Pete's\KRIB.exe"

O4 - HKCU\..\Run: [TCPU] "C:\Documents and Settings\Pete's\TCPU.exe"

O4 - HKCU\..\Run: [NUIC] "C:\Documents and Settings\Pete's\NUIC.exe"

O4 - HKCU\..\Run: [DRKH] "C:\Documents and Settings\Pete's\DRKH.exe"

O4 - HKCU\..\Run: [NDMN] "C:\Documents and Settings\Pete's\NDMN.exe"

O4 - HKCU\..\Run: [FJNK] "C:\Documents and Settings\Pete's\FJNK.exe"

O4 - HKCU\..\Run: [bBBQ] "C:\Documents and Settings\Pete's\BBBQ.exe"

O4 - HKCU\..\Run: [KDLD] "C:\Documents and Settings\Pete's\KDLD.exe"

O4 - HKCU\..\Run: [LTBU] "C:\Documents and Settings\Pete's\LTBU.exe"

O4 - HKCU\..\Run: [NGNF] "C:\Documents and Settings\Pete's\NGNF.exe"

O4 - HKCU\..\Run: [RNNE] "C:\Documents and Settings\Pete's\RNNE.exe"

O4 - HKCU\..\Run: [RUUA] "C:\Documents and Settings\Pete's\RUUA.exe"

O4 - HKCU\..\Run: [PINM] "C:\Documents and Settings\Pete's\PINM.exe"

O4 - HKCU\..\Run: [TREO] "C:\Documents and Settings\Pete's\TREO.exe"

O4 - HKCU\..\Run: [GORF] "C:\Documents and Settings\Pete's\GORF.exe"

O4 - HKCU\..\Run: [bSGS] "C:\Documents and Settings\Pete's\BSGS.exe"

O4 - HKCU\..\Run: [FHNC] "C:\Documents and Settings\Pete's\FHNC.exe"

O4 - HKCU\..\Run: [JPIT] "C:\Documents and Settings\Pete's\JPIT.exe"

O4 - HKCU\..\Run: [DAPT] "C:\Documents and Settings\Pete's\DAPT.exe"

O4 - HKCU\..\Run: [KBCP] "C:\Documents and Settings\Pete's\KBCP.exe"

O4 - HKCU\..\Run: [QLUE] "C:\Documents and Settings\Pete's\QLUE.exe"

O4 - HKCU\..\Run: [DKBR] "C:\Documents and Settings\Pete's\DKBR.exe"

O4 - HKCU\..\Run: [RGGK] "C:\Documents and Settings\Pete's\RGGK.exe"

O4 - HKCU\..\Run: [iUMR] "C:\Documents and Settings\Pete's\IUMR.exe"

O4 - HKCU\..\Run: [JNTT] "C:\Documents and Settings\Pete's\JNTT.exe"

O4 - HKCU\..\Run: [MMIK] "C:\Documents and Settings\Pete's\MMIK.exe"

O4 - HKCU\..\Run: [JPAS] "C:\Documents and Settings\Pete's\JPAS.exe"

O4 - HKCU\..\Run: [FRLK] "C:\Documents and Settings\Pete's\FRLK.exe"

O4 - HKCU\..\Run: [AJPF] "C:\Documents and Settings\Pete's\AJPF.exe"

O4 - HKCU\..\Run: [JLMD] "C:\Documents and Settings\Pete's\JLMD.exe"

O4 - HKCU\..\Run: [HITN] "C:\Documents and Settings\Pete's\HITN.exe"

O4 - HKCU\..\Run: [LNBD] "C:\Documents and Settings\Pete's\LNBD.exe"

O4 - HKCU\..\Run: [bMID] "C:\Documents and Settings\Pete's\BMID.exe"

O4 - HKCU\..\Run: [TORH] "C:\Documents and Settings\Pete's\TORH.exe"

O4 - HKCU\..\Run: [TJUI] "C:\Documents and Settings\Pete's\TJUI.exe"

O4 - HKCU\..\Run: [RNUA] "C:\Documents and Settings\Pete's\RNUA.exe"

O4 - HKCU\..\Run: [JMQQ] "C:\Documents and Settings\Pete's\JMQQ.exe"

O4 - HKCU\..\Run: [FNRM] "C:\Documents and Settings\Pete's\FNRM.exe"

O4 - HKCU\..\Run: [JCPD] "C:\Documents and Settings\Pete's\JCPD.exe"

O4 - HKCU\..\Run: [DDAC] "C:\Documents and Settings\Pete's\DDAC.exe"

O4 - HKCU\..\Run: [iFLS] "C:\Documents and Settings\Pete's\IFLS.exe"

O4 - HKCU\..\Run: [bJFG] "C:\Documents and Settings\Pete's\BJFG.exe"

O4 - HKCU\..\Run: [HQEO] "C:\Documents and Settings\Pete's\HQEO.exe"

O4 - HKCU\..\Run: [HPGH] "C:\Documents and Settings\Pete's\HPGH.exe"

O4 - HKCU\..\Run: [JULO] "C:\Documents and Settings\Pete's\JULO.exe"

O4 - HKCU\..\Run: [DBGQ] "C:\Documents and Settings\Pete's\DBGQ.exe"

O4 - HKCU\..\Run: [MFLM] "C:\Documents and Settings\Pete's\MFLM.exe"

O4 - HKCU\..\Run: [FROT] "C:\Documents and Settings\Pete's\FROT.exe"

O4 - HKCU\..\Run: [OIUD] "C:\Documents and Settings\Pete's\OIUD.exe"

O4 - HKCU\..\Run: [HSJH] "C:\Documents and Settings\Pete's\HSJH.exe"

O4 - HKCU\..\Run: [NUON] "C:\Documents and Settings\Pete's\NUON.exe"

O4 - HKCU\..\Run: [THDB] "C:\Documents and Settings\Pete's\THDB.exe"

O4 - HKCU\..\Run: [12] "C:\WINDOWS\system32\12.exe"

O4 - HKCU\..\Run: [GPPE] "C:\Documents and Settings\Pete's\GPPE.exe"

O4 - HKCU\..\Run: [JHFL] "C:\Documents and Settings\Pete's\JHFL.exe"

O4 - HKCU\..\Run: [DUUB] "C:\Documents and Settings\Pete's\DUUB.exe"

O4 - HKCU\..\Run: [AFDQ] "C:\Documents and Settings\Pete's\AFDQ.exe"

O4 - HKCU\..\Run: [NGDT] "C:\Documents and Settings\Pete's\NGDT.exe"

O4 - HKCU\..\Run: [DLOA] "C:\Documents and Settings\Pete's\DLOA.exe"

O4 - HKCU\..\Run: [sANE] "C:\Documents and Settings\Pete's\SANE.exe"

O4 - HKCU\..\Run: [FRIP] "C:\Documents and Settings\Pete's\FRIP.exe"

O4 - HKCU\..\Run: [OTEP] "C:\Documents and Settings\Pete's\OTEP.exe"

O4 - HKCU\..\Run: [EEQG] "C:\Documents and Settings\Pete's\EEQG.exe"

O4 - HKCU\..\Run: [iQCT] "C:\Documents and Settings\Pete's\IQCT.exe"

O4 - HKCU\..\Run: [iKQF] "C:\Documents and Settings\Pete's\IKQF.exe"

O4 - HKCU\..\Run: [OCMA] "C:\Documents and Settings\Pete's\OCMA.exe"

O4 - HKCU\..\Run: [GCHM] "C:\Documents and Settings\Pete's\GCHM.exe"

O4 - HKCU\..\Run: [FJNH] "C:\Documents and Settings\Pete's\FJNH.exe"

O4 - HKCU\..\Run: [EMRK] "C:\Documents and Settings\Pete's\EMRK.exe"

O4 - HKCU\..\Run: [JMTJ] "C:\Documents and Settings\Pete's\JMTJ.exe"

O4 - HKCU\..\Run: [bEKO] "C:\Documents and Settings\Pete's\BEKO.exe"

O4 - HKCU\..\Run: [DFUD] "C:\Documents and Settings\Pete's\DFUD.exe"

O4 - HKCU\..\Run: [iUSN] "C:\Documents and Settings\Pete's\IUSN.exe"

O4 - HKCU\..\Run: [NBFL] "C:\Documents and Settings\Pete's\NBFL.exe"

O4 - HKCU\..\Run: [RHIH] "C:\Documents and Settings\Pete's\RHIH.exe"

O4 - HKCU\..\Run: [TBKE] "C:\Documents and Settings\Pete's\TBKE.exe"

O4 - HKCU\..\Run: [DEDQ] "C:\Documents and Settings\Pete's\DEDQ.exe"

O4 - HKCU\..\Run: [sEBU] "C:\Documents and Settings\Pete's\SEBU.exe"

O4 - HKCU\..\Run: [KOTH] "C:\Documents and Settings\Pete's\KOTH.exe"

O4 - HKCU\..\Run: [MSLR] "C:\Documents and Settings\Pete's\MSLR.exe"

O4 - HKCU\..\Run: [FKTT] "C:\Documents and Settings\Pete's\FKTT.exe"

O4 - HKCU\..\Run: [uTLL] "C:\Documents and Settings\Pete's\UTLL.exe"

O4 - HKCU\..\Run: [DUQO] "C:\Documents and Settings\Pete's\DUQO.exe"

O4 - HKCU\..\Run: [uCTL] "C:\Documents and Settings\Pete's\UCTL.exe"

O4 - HKCU\..\Run: [DRKK] "C:\Documents and Settings\Pete's\DRKK.exe"

O4 - HKCU\..\Run: [TTEH] "C:\Documents and Settings\Pete's\TTEH.exe"

O4 - HKCU\..\Run: [EGOU] "C:\Documents and Settings\Pete's\EGOU.exe"

O4 - HKCU\..\Run: [NDMS] "C:\Documents and Settings\Pete's\NDMS.exe"

O4 - HKCU\..\Run: [FLEQ] "C:\Documents and Settings\Pete's\FLEQ.exe"

O4 - HKCU\..\Run: [OSEQ] "C:\Documents and Settings\Pete's\OSEQ.exe"

O4 - HKCU\..\Run: [ATNI] "C:\Documents and Settings\Pete's\ATNI.exe"

O4 - HKCU\..\Run: [EBMT] "C:\Documents and Settings\Pete's\EBMT.exe"

O4 - HKCU\..\Run: [KUNN] "C:\Documents and Settings\Pete's\KUNN.exe"

O4 - HKCU\..\Run: [iBUM] "C:\Documents and Settings\Pete's\IBUM.exe"

O4 - HKCU\..\Run: [sFPF] "C:\Documents and Settings\Pete's\SFPF.exe"

O4 - HKCU\..\Run: [bGCQ] "C:\Documents and Settings\Pete's\BGCQ.exe"

O4 - HKCU\..\Run: [sTAC] "C:\Documents and Settings\Pete's\STAC.exe"

O4 - HKCU\..\Run: [HEKB] "C:\Documents and Settings\Pete's\HEKB.exe"

O4 - HKCU\..\Run: [LRRF] "C:\Documents and Settings\Pete's\LRRF.exe"

O4 - HKCU\..\Run: [OOJG] "C:\Documents and Settings\Pete's\OOJG.exe"

O4 - HKCU\..\Run: [ATFJ] "C:\Documents and Settings\Pete's\ATFJ.exe"

O4 - HKCU\..\Run: [EBPC] "C:\Documents and Settings\Pete's\EBPC.exe"

O4 - HKCU\..\Run: [GLMH] "C:\Documents and Settings\Pete's\GLMH.exe"

O4 - HKCU\..\Run: [LBTP] "C:\Documents and Settings\Pete's\LBTP.exe"

O4 - HKCU\..\Run: [ATQM] "C:\Documents and Settings\Pete's\ATQM.exe"

O4 - HKCU\..\Run: [bDAS] "C:\Documents and Settings\Pete's\BDAS.exe"

O4 - HKCU\..\Run: [CQEG] "C:\Documents and Settings\Pete's\CQEG.exe"

O4 - HKCU\..\Run: [NTPH] "C:\Documents and Settings\Pete's\NTPH.exe"

O4 - HKCU\..\Run: [TBDT] "C:\Documents and Settings\Pete's\TBDT.exe"

O4 - HKCU\..\Run: [RPNH] "C:\Documents and Settings\Pete's\RPNH.exe"

O4 - HKCU\..\Run: [NSDG] "C:\Documents and Settings\Pete's\NSDG.exe"

O4 - HKCU\..\Run: [NQQD] "C:\Documents and Settings\Pete's\NQQD.exe"

O4 - HKCU\..\Run: [ORUR] "C:\Documents and Settings\Pete's\ORUR.exe"

O4 - HKCU\..\Run: [iRTI] "C:\Documents and Settings\Pete's\IRTI.exe"

O4 - HKCU\..\Run: [HQAL] "C:\Documents and Settings\Pete's\HQAL.exe"

O4 - HKCU\..\Run: [iBHA] "C:\Documents and Settings\Pete's\IBHA.exe"

O4 - HKCU\..\Run: [EBUT] "C:\Documents and Settings\Pete's\EBUT.exe"

O4 - HKCU\..\Run: [POSS] "C:\Documents and Settings\Pete's\POSS.exe"

O4 - HKCU\..\Run: [bUTA] "C:\Documents and Settings\Pete's\BUTA.exe"

O4 - HKCU\..\Run: [LIBF] "C:\Documents and Settings\Pete's\LIBF.exe"

O4 - HKCU\..\Run: [AUBD] "C:\Documents and Settings\Pete's\AUBD.exe"

O4 - HKCU\..\Run: [DJIK] "C:\Documents and Settings\Pete's\DJIK.exe"

O4 - HKCU\..\Run: [ASOJ] "C:\Documents and Settings\Pete's\ASOJ.exe"

O4 - HKCU\..\Run: [bQPA] "C:\Documents and Settings\Pete's\BQPA.exe"

O4 - HKCU\..\Run: [DNRL] "C:\Documents and Settings\Pete's\DNRL.exe"

O4 - HKCU\..\Run: [LLII] "C:\Documents and Settings\Pete's\LLII.exe"

O4 - HKCU\..\Run: [OEOO] "C:\Documents and Settings\Pete's\OEOO.exe"

O4 - HKCU\..\Run: [CADJ] "C:\Documents and Settings\Pete's\CADJ.exe"

O4 - HKCU\..\Run: [JDIL] "C:\Documents and Settings\Pete's\JDIL.exe"

O4 - HKCU\..\Run: [GMDI] "C:\Documents and Settings\Pete's\GMDI.exe"

O4 - HKCU\..\Run: [MRCA] "C:\Documents and Settings\Pete's\MRCA.exe"

O4 - HKCU\..\Run: [NMEJ] "C:\Documents and Settings\Pete's\NMEJ.exe"

O4 - HKCU\..\Run: [PKJL] "C:\Documents and Settings\Pete's\PKJL.exe"

O4 - HKCU\..\Run: [TLBR] "C:\Documents and Settings\Pete's\TLBR.exe"

O4 - HKCU\..\Run: [EIAB] "C:\Documents and Settings\Pete's\EIAB.exe"

O4 - HKCU\..\Run: [NCQK] "C:\Documents and Settings\Pete's\NCQK.exe"

O4 - HKCU\..\Run: [PCHR] "C:\Documents and Settings\Pete's\PCHR.exe"

O4 - HKCU\..\Run: [TBLG] "C:\Documents and Settings\Pete's\TBLG.exe"

O4 - HKCU\..\Run: [LSPD] "C:\Documents and Settings\Pete's\LSPD.exe"

O4 - HKCU\..\Run: [OTSL] "C:\Documents and Settings\Pete's\OTSL.exe"

O4 - HKCU\..\Run: [QKIN] "C:\Documents and Settings\Pete's\QKIN.exe"

O4 - HKCU\..\Run: [HISI] "C:\Documents and Settings\Pete's\HISI.exe"

O4 - HKCU\..\Run: [AJII] "C:\Documents and Settings\Pete's\AJII.exe"

O4 - HKCU\..\Run: [MHGT] "C:\Documents and Settings\Pete's\MHGT.exe"

O4 - HKCU\..\Run: [OTCD] "C:\Documents and Settings\Pete's\OTCD.exe"

O4 - HKCU\..\Run: [AEJS] "C:\Documents and Settings\Pete's\AEJS.exe"

O4 - HKCU\..\Run: [sPMS] "C:\Documents and Settings\Pete's\SPMS.exe"

O4 - HKCU\..\Run: [MQDT] "C:\Documents and Settings\Pete's\MQDT.exe"

O4 - HKCU\..\Run: [NARM] "C:\Documents and Settings\Pete's\NARM.exe"

O4 - HKCU\..\Run: [FMLH] "C:\Documents and Settings\Pete's\FMLH.exe"

O4 - HKCU\..\Run: [RHMM] "C:\Documents and Settings\Pete's\RHMM.exe"

O4 - HKCU\..\Run: [iUIH] "C:\Documents and Settings\Pete's\IUIH.exe"

O4 - HKCU\..\Run: [MGAE] "C:\Documents and Settings\Pete's\MGAE.exe"

O4 - HKCU\..\Run: [KLQE] "C:\Documents and Settings\Pete's\KLQE.exe"

O4 - HKCU\..\Run: [CJJQ] "C:\Documents and Settings\Pete's\CJJQ.exe"

O4 - HKCU\..\Run: [MRAA] "C:\Documents and Settings\Pete's\MRAA.exe"

O4 - HKCU\..\Run: [LHHF] "C:\Documents and Settings\Pete's\LHHF.exe"

O4 - HKCU\..\Run: [sIHO] "C:\Documents and Settings\Pete's\SIHO.exe"

O4 - HKCU\..\Run: [FJBM] "C:\Documents and Settings\Pete's\FJBM.exe"

O4 - HKCU\..\Run: [OTUG] "C:\Documents and Settings\Pete's\OTUG.exe"

O4 - HKCU\..\Run: [EMUR] "C:\Documents and Settings\Pete's\EMUR.exe"

O4 - HKCU\..\Run: [RIDS] "C:\Documents and Settings\Pete's\RIDS.exe"

O4 - HKCU\..\Run: [sAKO] "C:\Documents and Settings\Pete's\SAKO.exe"

O4 - HKCU\..\Run: [LBGR] "C:\Documents and Settings\Pete's\LBGR.exe"

O4 - HKCU\..\Run: [QCEG] "C:\Documents and Settings\Pete's\QCEG.exe"

O4 - HKCU\..\Run: [OPOA] "C:\Documents and Settings\Pete's\OPOA.exe"

O4 - HKCU\..\Run: [LLKU] "C:\Documents and Settings\Pete's\LLKU.exe"

O4 - HKCU\..\Run: [CIMP] "C:\Documents and Settings\Pete's\CIMP.exe"

O4 - HKCU\..\Run: [JQLT] "C:\Documents and Settings\Pete's\JQLT.exe"

O4 - HKCU\..\Run: [JEAT] "C:\Documents and Settings\Pete's\JEAT.exe"

O4 - HKCU\..\Run: [DCGB] "C:\Documents and Settings\Pete's\DCGB.exe"

O4 - HKCU\..\Run: [sRJN] "C:\Documents and Settings\Pete's\SRJN.exe"

O4 - HKCU\..\Run: [TJHC] "C:\Documents and Settings\Pete's\TJHC.exe"

O4 - HKCU\..\Run: [FCNP] "C:\Documents and Settings\Pete's\FCNP.exe"

O4 - HKCU\..\Run: [GCHJ] "C:\Documents and Settings\Pete's\GCHJ.exe"

O4 - HKCU\..\Run: [MAMG] "C:\Documents and Settings\Pete's\MAMG.exe"

O4 - HKCU\..\Run: [KSKQ] "C:\Documents and Settings\Pete's\KSKQ.exe"

O4 - HKCU\..\Run: [ETOL] "C:\Documents and Settings\Pete's\ETOL.exe"

O4 - HKCU\..\Run: [GSTA] "C:\Documents and Settings\Pete's\GSTA.exe"

O4 - HKCU\..\Run: [PABH] "C:\Documents and Settings\Pete's\PABH.exe"

O4 - HKCU\..\Run: [QIKO] "C:\Documents and Settings\Pete's\QIKO.exe"

O4 - HKCU\..\Run: [NSQU] "C:\Documents and Settings\Pete's\NSQU.exe"

O4 - HKCU\..\Run: [HNFN] "C:\Documents and Settings\Pete's\HNFN.exe"

O4 - HKCU\..\Run: [NMAK] "C:\Documents and Settings\Pete's\NMAK.exe"

O4 - HKCU\..\Run: [MMIS] "C:\Documents and Settings\Pete's\MMIS.exe"

O4 - HKCU\..\Run: [HJLN] "C:\Documents and Settings\Pete's\HJLN.exe"

O4 - HKCU\..\Run: [FICH] "C:\Documents and Settings\Pete's\FICH.exe"

O4 - HKCU\..\Run: [JCAC] "C:\Documents and Settings\Pete's\JCAC.exe"

O4 - HKCU\..\Run: [sSKS] "C:\Documents and Settings\Pete's\SSKS.exe"

O4 - HKCU\..\Run: [QCHL] "C:\Documents and Settings\Pete's\QCHL.exe"

O4 - HKCU\..\Run: [JLDU] "C:\Documents and Settings\Pete's\JLDU.exe"

O4 - HKCU\..\Run: [JGDE] "C:\Documents and Settings\Pete's\JGDE.exe"

O4 - HKCU\..\Run: [LNFN] "C:\Documents and Settings\Pete's\LNFN.exe"

O4 - HKCU\..\Run: [HIQP] "C:\Documents and Settings\Pete's\HIQP.exe"

O4 - Startup: PowerReg Scheduler V3.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm

O8 - Extra context menu item: Open in New &Window (PopOops) - C:\WINDOWS\Web\PopOops.htm

O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/script/actions/related.htm

O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/script/actions/review.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab

O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab

O16 - DPF: {A954AFC3-3A26-44C2-A126-2B61C09F8FC9} (SNRecovery Control) - http://www.cybersitter.com/recovery/ocx/SerialRecovery.ocx

O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: Uno Installer (UnoInstallerService) - Unknown owner - C:\Program Files\M-Audio Uno\UnoInst.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

[therock247uk]

First download AVG Anti-Spyware from HERE and save that file to your desktop.

This is a 30 day trial of the program

1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
   
2. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
   
3. On the main screen select the icon "Update" then select the "Update now" link.
   • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
     

[*]Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.

[*]Once in the Settings screen click on "Recommended actions" and then select "Quarantine".

[*]Under "Reports"

• Select "Automatically generate report after every scan"
  
• Un-Select "Only if threats were found"
  

Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.

1. Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
   IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
   
2. Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
   
3. Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
   
4. AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
   Once the scan is complete do the following:
   
5. If you have any infections you will prompted, then select "Apply all actions"
   
6. Next select the "Reports" icon at the top.
   
7. Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
   
8. Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.
   

[kohu]

I put the log as an attachment, its too big to copy+paste. Thats okay right?

Report_Scan_20070310_143905.txt

[therock247uk]

Yep.

Please download ATF Cleaner by Atribune.

This program is for XP and Windows 2000 only

• Double-click ATF-Cleaner.exe to run the program.
  Under Main choose: Select All
  Click the Empty Selected button.
  

If you use Firefox browser

• Click Firefox at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

If you use Opera browser

• Click Opera at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

Click Exit on the Main menu to close the program.

For Technical Support, double-click the e-mail address located at the bottom of each menu.

Please go HERE to run Panda's ActiveScan

• Once you are on the Panda site click the Scan your PC button
  
• A new window will open...click the Check Now button
  
• Enter your Country
  
• Enter your State/Province
  
• Enter your e-mail address and click send
  
• Select either Home User or Company
  
• Click the big Scan Now button
  
• If it wants to install an ActiveX component allow it
  
• It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  
• When download is complete, click on My Computer to start the scan
  
• When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
  

[kohu]

Incident Status Location

Adware:adware/alexa-toolbar Not disinfected c:\program files\Alexa Toolbar

Spyware:spyware/searchcentrix Not disinfected Windows Registry

Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-2ecf098a-75d03cbe.zip[Gummy.class]

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Owner\Cookies\owner@247realmedia[2].txt

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Owner\Cookies\owner@2o7[2].txt

Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Owner\Cookies\owner@adtech[2].txt

Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atwola[1].txt

Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Owner\Cookies\owner@azjmp[2].txt

Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Owner\Cookies\owner@belnk[1].txt

Spyware:Cookie/Bilbo.counted Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Owner\Cookies\owner@bravenet[1].txt

Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt

Spyware:Cookie/ Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ccbill[1].txt

Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\Owner\Cookies\owner@centrport[1].txt

Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[11].txt

Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[12].txt

Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[3].txt

Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[4].txt

Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[7].txt

Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Owner\Cookies\owner@com[2].txt

Spyware:Cookie/cs. Not disinfected C:\Documents and Settings\Owner\Cookies\owner@cs. [2].txt

Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/Date Not disinfected C:\Documents and Settings\Owner\Cookies\owner@date[1].txt

Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Owner\Cookies\owner@did-it[1].txt

Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\Owner\Cookies\owner@entrepreneur[2].txt

Spyware:Cookie/ Squad Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ squad[2].txt

Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Owner\Cookies\owner@gostats[2].txt

Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Owner\Cookies\owner@go[3].txt

Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Owner\Cookies\owner@kinghost[2].txt

Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Owner\Cookies\owner@maxserving[2].txt

Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Owner\Cookies\owner@overture[1].txt

Spyware:Cookie/PayCounter Not disinfected C:\Documents and Settings\Owner\Cookies\owner@paycounter[1].txt

Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\Owner\Cookies\owner@qksrv[2].txt

Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Owner\Cookies\owner@realmedia[2].txt

Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Owner\Cookies\owner@revenue[2].txt

Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Owner\Cookies\owner@rightmedia[1].txt

Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Owner\Cookies\owner@rn11[2].txt

Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Owner\Cookies\owner@seeq[1].txt

Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Cookies\owner@serving-sys[1].txt

Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Clicktracks Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Owner\Cookies\owner@target[1].txt

Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\Owner\Cookies\owner@tickle[2].txt

Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Owner\Cookies\owner@toplist[2].txt

Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt

Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt

Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/web-stat Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt

Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt

Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Owner\Cookies\owner@xiti[1].txt

Spyware:Cookie/ Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ [2].txt

Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Owner\Cookies\owner@yadro[1].txt

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Pete's\Cookies\pete's@2o7[2].txt

Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Pete's\Cookies\pete'[email protected][2].txt

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Pete's\Cookies\pete's@atwola[1].txt

Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Pete's\Cookies\pete's@burstnet[2].txt

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Pete's\Cookies\pete's@com[1].txt

Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Pete's\Cookies\pete's@statcounter[2].txt

Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Pete's\Cookies\pete's@tribalfusion[2].txt

Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Pete's\Cookies\pete'[email protected][1].txt

Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Pete's\Cookies\pete's@zedo[1].txt

Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\Temporary Internet Files\Content.IE5\GPM3816F\aff_dn[1]

Adware:Adware/WebSearch Not disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmp131.tmp.exe

Virus:Trj/Downloader.MRX Disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmp16.tmp.exe

Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmp1C.tmp.exe

Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmp1E0.tmp.exe

Virus:Trj/Downloader.MRX Disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmp1E1.tmp.exe

Virus:Trj/Downloader.MRX Disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmp20.tmp.exe

Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmp21.tmp.exe

Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmp95.tmp.exe

Adware:Adware/WebSearch Not disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmpC9.tmp.exe

Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmpD.tmp.exe

Virus:Trj/Downloader.MRX Disinfected C:\Documents and Settings\Pete's\Local Settings\Temp\tmpD6.tmp.exe

Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe

Adware:Adware/Alexa-Toolbar Not disinfected C:\Program Files\Alexa Toolbar\uninstall.exe

Adware:Adware/YazzleSudoku Not disinfected C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe

Adware:Adware/Maxifiles Not disinfected C:\Program Files\Common Files\{30408BFC-0897-1033-0611-040402230001}\UnInstall.exe

Adware:Adware/Maxifiles Not disinfected C:\Program Files\Common Files\{30408BFC-0898-1033-0611-040402230001}\UnInstall.exe

[therock247uk]

Open HijackThis, click Config, click Misc Tools

Click "Open Uninstall Manager"

Click "Save List" (generates uninstall_list.txt)

Click Save, copy and paste the results in your next post.

[kohu]

Adobe Acrobat - Reader 6.0.2 Update

Adobe Acrobat 4.0

Adobe Acrobat 4.0, 5.0

Adobe ActiveShare 1.2

Adobe Atmosphere Player for Acrobat and Adobe Reader

Adobe PhotoDeluxe Home Edition 4.0

Adobe Reader 6.0.1

Agere Systems PCI Soft Modem

Apple Software Update

ATI - Software Uninstall Utility

ATI Control Panel

ATI Display Driver

ATI DVD Decoder 2.2.0.0

ATI HYDRAVISION

ATI Multimedia Center 8.6.0.0

AVG Anti-Spyware 7.5

AviSynth 2.5

Black & White® 2

Blackhawk Striker from Hewlett-Packard Desktops (remove only)

Blasterball 2 from Hewlett-Packard Desktops (remove only)

Bounce Symphony from Hewlett-Packard Desktops (remove only)

CC_ccStart

ccCommon

Civilization III

Crystal Maze from Hewlett-Packard Desktops (remove only)

DAO

DivX Player

DivX Pro Trial

Enhanced Multimedia Keyboard Solution

EPSON Printer Software

Five Card Frenzy from Hewlett-Packard Desktops (remove only)

GdiplusUpgrade

GGE909 PC Recoil Pad

Ghost Recon

Google Earth

How To Master Excel 2000

HP Image Zone 3.5

HP Image Zone Plus 3.5

HP Instant Support

HP Photo & Imaging 3.5 - HP Devices

HP PSC & OfficeJet 3.5

HP Software Update

HPIZ350

Impossible Creatures

Impossible Creatures 1.0.1

Ink Monitor

InterVideo WinDVD Creator 2

InterVideo WinDVD Player

ips XP 1.11.2600

ItsDeductible Express

iTunes

Java 2 Runtime Environment, SE v1.4.2_03

Kazaa Lite K++ v2.4.3

Kazoo Player

Lexmark 2400 Series

Lexmark Toolbar

LiveReg (Symantec Corporation)

LiveUpdate 3.0 (Symantec Corporation)

Lords of the Realm III

M&Ms The Lost Formulas

Macromedia Flash Player 8

Mall Tycoon 2

MAX DS Video Converter

Memories Disc Creator 2.0

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB886903)

Microsoft .NET Framework 2.0

Microsoft Data Access Components KB870669

Microsoft Money 2004

Microsoft Money 2004 System Pack

Microsoft Office Professional Edition 2003

Microsoft Plus! Digital Media Edition

Microsoft Text-to-Speech Engine 4.0 (English)

Microsoft Works 7.0

MSN Music Assistant

MSRedist

MSXML 4.0 SP2 (KB927978)

Need For Speed Hot Pursuit 2

Nintendo DS - GBA Max Drive

Nintendo Wi-Fi USB Connector Registration Tool

Norton AntiVirus 2004

Norton AntiVirus 2004 (Symantec Corporation)

Norton AntiVirus Parent MSI

Norton WMI Update

Orbital from Hewlett-Packard Desktops (remove only)

Otto from Hewlett-Packard Desktops (remove only)

Overball from Hewlett-Packard Desktops (remove only)

overland

Panda ActiveScan

PC-Doctor for Windows

Photosmart 140,240,7200,7600,7700,7900 Series

Polar Bowler from Hewlett-Packard Desktops (remove only)

Pop-Up Stopper Free Edition

Project64 1.6

PS2

Python 2.2 combined Win32 extensions

Python 2.2.1

QuickTime

RealPlayer

RecordNow!

Rhinoceros 3.0 Evaluation

Roll

Roller Coaster Tycoon

S3 S3Display

S3 S3Gamma2

S3 S3Info2

S3 S3Overlay

Security Update for Microsoft .NET Framework 2.0 (KB917283)

Security Update for Microsoft .NET Framework 2.0 (KB922770)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB883939)

Security Update for Windows XP (KB890046)

Security Update for Windows XP (KB893756)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896422)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB896424)

Security Update for Windows XP (KB896428)

Security Update for Windows XP (KB896688)

Security Update for Windows XP (KB899587)

Security Update for Windows XP (KB899588)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB900725)

Security Update for Windows XP (KB901017)

Security Update for Windows XP (KB901190)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB902400)

Security Update for Windows XP (KB903235)

Security Update for Windows XP (KB904706)

Security Update for Windows XP (KB905414)

Security Update for Windows XP (KB905749)

Security Update for Windows XP (KB905915)

Security Update for Windows XP (KB908519)

Security Update for Windows XP (KB908531)

Security Update for Windows XP (KB911280)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB911567)

Security Update for Windows XP (KB911927)

Security Update for Windows XP (KB912812)

Security Update for Windows XP (KB912919)

Security Update for Windows XP (KB913446)

Security Update for Windows XP (KB913580)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB914389)

Security Update for Windows XP (KB916281)

Security Update for Windows XP (KB917159)

Security Update for Windows XP (KB917344)

Security Update for Windows XP (KB917422)

Security Update for Windows XP (KB917953)

Security Update for Windows XP (KB918118)

Security Update for Windows XP (KB918439)

Security Update for Windows XP (KB918899)

Security Update for Windows XP (KB919007)

Security Update for Windows XP (KB920213)

Security Update for Windows XP (KB920214)

Security Update for Windows XP (KB920670)

Security Update for Windows XP (KB920683)

Security Update for Windows XP (KB920685)

Security Update for Windows XP (KB921398)

Security Update for Windows XP (KB921883)

Security Update for Windows XP (KB922616)

Security Update for Windows XP (KB922760)

Security Update for Windows XP (KB922819)

Security Update for Windows XP (KB923191)

Security Update for Windows XP (KB923414)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB923694)

Security Update for Windows XP (KB923980)

Security Update for Windows XP (KB924191)

Security Update for Windows XP (KB924270)

Security Update for Windows XP (KB924496)

Security Update for Windows XP (KB924667)

Security Update for Windows XP (KB925454)

Security Update for Windows XP (KB925486)

Security Update for Windows XP (KB926255)

Security Update for Windows XP (KB926436)

Security Update for Windows XP (KB927779)

Security Update for Windows XP (KB927802)

Security Update for Windows XP (KB928090)

Security Update for Windows XP (KB928255)

Security Update for Windows XP (KB928843)

Security Update for Windows XP (KB929969)

Sid Meier's Civilization 4

Sid Meier's Pirates!

Slyder from Hewlett-Packard Desktops (remove only)

Sonic Update Manager

Sony ACID Music Studio 6.0b

Spybot - Search & Destroy 1.4

Street Atlas USA Deluxe

SymNet

The Battle for Middle-earth

The Hobbit

Toolkit View(HP)

Tradewinds from Hewlett-Packard Desktops (remove only)

TurboTax 2005

TurboTax Deluxe 2004

TurboTax ItsDeductible 2005

UniChrome IGP Driver and Utilities

Uno

Update for Windows XP (KB894391)

Update for Windows XP (KB896727)

Update for Windows XP (KB898461)

Update for Windows XP (KB900485)

Update for Windows XP (KB910437)

Update for Windows XP (KB916595)

Update for Windows XP (KB920872)

Update for Windows XP (KB922582)

Update for Windows XP (KB931836)

Updates from HP

VIA Rhine-Family Fast Ethernet Adapter

Viewpoint Manager (Remove Only)

Volvo Ocean Race 2005

WexTech AnswerWorks

Where Am I Dataset

Windows Installer 3.1 (KB893803)

Windows Installer 3.1 (KB893803)

Windows Media Encoder 9 Series

Windows Media Encoder 9 Series

Windows Media Format Runtime

Windows Media Player 10

Windows XP Hotfix - KB834707

Windows XP Hotfix - KB867282

Windows XP Hotfix - KB873333

Windows XP Hotfix - KB885250

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB885836

Windows XP Hotfix - KB886185

Windows XP Hotfix - KB887472

Windows XP Hotfix - KB887742

Windows XP Hotfix - KB888113

Windows XP Hotfix - KB888302

Windows XP Hotfix - KB890047

Windows XP Hotfix - KB890175

Windows XP Hotfix - KB890859

Windows XP Hotfix - KB890923

Windows XP Hotfix - KB891781

Windows XP Hotfix - KB893066

Windows XP Hotfix - KB893086

Windows XP Service Pack 2

Word Symphony from Hewlett-Packard Desktops (remove only)

Zoo Tycoon 2

Zoo Tycoon 2 Patch

[therock247uk]

Delete the files. (if present)

C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe

Then please download VundoFix.exe to your desktop.

• Double-click VundoFix.exe to run it.
  
• Click the Scan for Vundo button.
  
• Once it's done scanning, click the Remove Vundo button.
  
• You will receive a prompt asking if you want to remove the files, click YES
  
• Once you click yes, your desktop will go blank as it starts removing Vundo.
  
• When completed, it will prompt that it will reboot your computer, click OK.
  
• Please post the contents of C:\vundofix.txt and a new HiJackThis log.
  

Note: It is possible that VundoFix encountered a file it could not remove.

In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

[kohu]

Didn't find anything.

[therock247uk]

Ok post a new Hijackthis log here in a reply.

[kohu]

Logfile of HijackThis v1.99.1

Scan saved at 3:23:07 PM, on 3/13/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\System32\hphmon05.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Lexmark 2400 Series\lxcrmon.exe

C:\Program Files\Lexmark 2400 Series\ezprint.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\Cyb2k.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\WiFiConnector\NintendoWFCReg.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\HJT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [updateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"

O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [C2K] C:\WINDOWS\Cyb2k.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

O4 - HKCU\..\Run: [com11N] RunDll32.exe C:\WINDOWS\system32\com11N.dll,Setup

O4 - HKCU\..\Run: [wxluql] "C:\WINDOWS\system32\wxluql.exe"

O4 - HKCU\..\Run: [explorer] C:\WINDOWS\explorer.exe

O4 - HKCU\..\Run: [iexplore] C:\Program Files\Internet Explorer\iexplore.exe

O4 - HKCU\..\Run: [1] "C:\WINDOWS\system32\1.exe"

O4 - HKCU\..\Run: [wdlsjm] "C:\WINDOWS\system32\wdlsjm.exe"

O4 - HKCU\..\Run: [wtgac] "C:\WINDOWS\system32\wtgac.exe"

O4 - HKCU\..\Run: [wjmyret] "C:\WINDOWS\system32\wjmyret.exe"

O4 - HKCU\..\Run: [wpwerlgs] "C:\WINDOWS\system32\wpwerlgs.exe"

O4 - HKCU\..\Run: [walfwey] "C:\WINDOWS\system32\walfwey.exe"

O4 - HKCU\..\Run: [wfuotvq] "C:\WINDOWS\system32\wfuotvq.exe"

O4 - HKCU\..\Run: [wlmjiko] "C:\WINDOWS\system32\wlmjiko.exe"

O4 - HKCU\..\Run: [wrpmu] "C:\WINDOWS\system32\wrpmu.exe"

O4 - HKCU\..\Run: [wyxb] "C:\WINDOWS\system32\wyxb.exe"

O4 - HKCU\..\Run: [wgujry] "C:\WINDOWS\system32\wgujry.exe"

O4 - HKCU\..\Run: [wpscpw] "C:\WINDOWS\system32\wpscpw.exe"

O4 - HKCU\..\Run: [wgrwnvqgm] "C:\WINDOWS\system32\wgrwnvqgm.exe"

O4 - HKCU\..\Run: [wmrnxn] "C:\WINDOWS\system32\wmrnxn.exe"

O4 - HKCU\..\Run: [wesh] "C:\WINDOWS\system32\wesh.exe"

O4 - HKCU\..\Run: [wxxkobjhf] "C:\WINDOWS\system32\wxxkobjhf.exe"

O4 - HKCU\..\Run: [wynbnuob] "C:\WINDOWS\system32\wynbnuob.exe"

O4 - HKCU\..\Run: [wvfp] "C:\WINDOWS\system32\wvfp.exe"

O4 - HKCU\..\Run: [wfqnxn] "C:\WINDOWS\system32\wfqnxn.exe"

O4 - HKCU\..\Run: [wpeyo] "C:\WINDOWS\system32\wpeyo.exe"

O4 - HKCU\..\Run: [wcrwtyb] "C:\WINDOWS\system32\wcrwtyb.exe"

O4 - HKCU\..\Run: [wbdjkku] "C:\WINDOWS\system32\wbdjkku.exe"

O4 - HKCU\..\Run: [wwftyxj] "C:\WINDOWS\system32\wwftyxj.exe"

O4 - HKCU\..\Run: [wvuctb] "C:\WINDOWS\system32\wvuctb.exe"

O4 - HKCU\..\Run: [wreilv] "C:\WINDOWS\system32\wreilv.exe"

O4 - HKCU\..\Run: [wgntey] "C:\WINDOWS\system32\wgntey.exe"

O4 - HKCU\..\Run: [wobwoma] "C:\WINDOWS\system32\wobwoma.exe"

O4 - HKCU\..\Run: [wxjisu] "C:\WINDOWS\system32\wxjisu.exe"

O4 - HKCU\..\Run: [wqkfnpt] "C:\WINDOWS\system32\wqkfnpt.exe"

O4 - HKCU\..\Run: [wwnbta] "C:\WINDOWS\system32\wwnbta.exe"

O4 - HKCU\..\Run: [warxgjt] "C:\WINDOWS\system32\warxgjt.exe"

O4 - HKCU\..\Run: [wtgnd] "C:\WINDOWS\system32\wtgnd.exe"

O4 - HKCU\..\Run: [wgnryw] "C:\WINDOWS\system32\wgnryw.exe"

O4 - HKCU\..\Run: [wrtg] "C:\WINDOWS\system32\wrtg.exe"

O4 - HKCU\..\Run: [wsj] "C:\WINDOWS\system32\wsj.exe"

O4 - HKCU\..\Run: [wjmmyu] "C:\WINDOWS\system32\wjmmyu.exe"

O4 - HKCU\..\Run: [wqdksiek] "C:\WINDOWS\system32\wqdksiek.exe"

O4 - HKCU\..\Run: [wukkg] "C:\WINDOWS\system32\wukkg.exe"

O4 - HKCU\..\Run: [wvcfyks] "C:\WINDOWS\system32\wvcfyks.exe"

O4 - HKCU\..\Run: [wgpmhm] "C:\WINDOWS\system32\wgpmhm.exe"

O4 - HKCU\..\Run: [wemoy] "C:\WINDOWS\system32\wemoy.exe"

O4 - HKCU\..\Run: [wurjhsw] "C:\WINDOWS\system32\wurjhsw.exe"

O4 - HKCU\..\Run: [wped] "C:\WINDOWS\system32\wped.exe"

O4 - HKCU\..\Run: [wkxoujg] "C:\WINDOWS\system32\wkxoujg.exe"

O4 - HKCU\..\Run: [wwwwgt] "C:\WINDOWS\system32\wwwwgt.exe"

O4 - HKCU\..\Run: [wcdvmom] "C:\WINDOWS\system32\wcdvmom.exe"

O4 - HKCU\..\Run: [wwfj] "C:\WINDOWS\system32\wwfj.exe"

O4 - HKCU\..\Run: [wgdqmoxtd] "C:\WINDOWS\system32\wgdqmoxtd.exe"

O4 - HKCU\..\Run: [wcmhvms] "C:\WINDOWS\system32\wcmhvms.exe"

O4 - HKCU\..\Run: [wrfquawcj] "C:\WINDOWS\system32\wrfquawcj.exe"

O4 - HKCU\..\Run: [wcfr] "C:\WINDOWS\system32\wcfr.exe"

O4 - HKCU\..\Run: [wrvrj] "C:\WINDOWS\system32\wrvrj.exe"

O4 - HKCU\..\Run: [wqjmqkg] "C:\WINDOWS\system32\wqjmqkg.exe"

O4 - HKCU\..\Run: [woj] "C:\WINDOWS\system32\woj.exe"

O4 - HKCU\..\Run: [wmigeqpw] "C:\WINDOWS\system32\wmigeqpw.exe"

O4 - HKCU\..\Run: [wtqkmgq] "C:\WINDOWS\system32\wtqkmgq.exe"

O4 - HKCU\..\Run: [whbs] "C:\WINDOWS\system32\whbs.exe"

O4 - HKCU\..\Run: [wpor] "C:\WINDOWS\system32\wpor.exe"

O4 - HKCU\..\Run: [wyvo] "C:\WINDOWS\system32\wyvo.exe"

O4 - HKCU\..\Run: [wghj] "C:\WINDOWS\system32\wghj.exe"

O4 - HKCU\..\Run: [webtxa] "C:\WINDOWS\system32\webtxa.exe"

O4 - HKCU\..\Run: [whdtymxgf] "C:\WINDOWS\system32\whdtymxgf.exe"

O4 - HKCU\..\Run: [wedbrt] "C:\WINDOWS\system32\wedbrt.exe"

O4 - HKCU\..\Run: [wtcje] "C:\WINDOWS\system32\wtcje.exe"

O4 - HKCU\..\Run: [wvcbiks] "C:\WINDOWS\system32\wvcbiks.exe"

O4 - HKCU\..\Run: [wejl] "C:\WINDOWS\system32\wejl.exe"

O4 - HKCU\..\Run: [wdti] "C:\WINDOWS\system32\wdti.exe"

O4 - HKCU\..\Run: [wjtxbwq] "C:\WINDOWS\system32\wjtxbwq.exe"

O4 - HKCU\..\Run: [wprwkn] "C:\WINDOWS\system32\wprwkn.exe"

O4 - HKCU\..\Run: [wlmgrhuq] "C:\WINDOWS\system32\wlmgrhuq.exe"

O4 - HKCU\..\Run: [wpm] "C:\WINDOWS\system32\wpm.exe"

O4 - HKCU\..\Run: [wujja] "C:\WINDOWS\system32\wujja.exe"

O4 - HKCU\..\Run: [wreptjplh] "C:\WINDOWS\system32\wreptjplh.exe"

O4 - HKCU\..\Run: [wie] "C:\WINDOWS\system32\wie.exe"

O4 - HKCU\..\Run: [wxumr] "C:\WINDOWS\system32\wxumr.exe"

O4 - HKCU\..\Run: [whlyke] "C:\WINDOWS\system32\whlyke.exe"

O4 - HKCU\..\Run: [HTFU] "C:\Documents and Settings\Pete's\HTFU.exe"

O4 - HKCU\..\Run: [wdbyl] "C:\WINDOWS\system32\wdbyl.exe"

O4 - HKCU\..\Run: [GGAI] "C:\Documents and Settings\Pete's\GGAI.exe"

O4 - HKCU\..\Run: [wqkmtpmte] "C:\WINDOWS\system32\wqkmtpmte.exe"

O4 - HKCU\..\Run: [FFIP] "C:\Documents and Settings\Pete's\FFIP.exe"

O4 - HKCU\..\Run: [wsqyk] "C:\WINDOWS\system32\wsqyk.exe"

O4 - HKCU\..\Run: [CEPN] "C:\Documents and Settings\Pete's\CEPN.exe"

O4 - HKCU\..\Run: [wne] "C:\WINDOWS\system32\wne.exe"

O4 - HKCU\..\Run: [wrxpwr] "C:\WINDOWS\system32\wrxpwr.exe"

O4 - HKCU\..\Run: [bQDN] "C:\Documents and Settings\Pete's\BQDN.exe"

O4 - HKCU\..\Run: [wtbt] "C:\WINDOWS\system32\wtbt.exe"

O4 - HKCU\..\Run: [wln] "C:\WINDOWS\system32\wln.exe"

O4 - HKCU\..\Run: [TJNU] "C:\Documents and Settings\Pete's\TJNU.exe"

O4 - HKCU\..\Run: [wfgmprnv] "C:\WINDOWS\system32\wfgmprnv.exe"

O4 - HKCU\..\Run: [QFPB] "C:\Documents and Settings\Pete's\QFPB.exe"

O4 - HKCU\..\Run: [wmrpkj] "C:\WINDOWS\system32\wmrpkj.exe"

O4 - HKCU\..\Run: [FOJQ] "C:\Documents and Settings\Pete's\FOJQ.exe"

O4 - HKCU\..\Run: [whthvk] "C:\WINDOWS\system32\whthvk.exe"

O4 - HKCU\..\Run: [JMKP] "C:\Documents and Settings\Pete's\JMKP.exe"

O4 - HKCU\..\Run: [wdlvxemj] "C:\WINDOWS\system32\wdlvxemj.exe"

O4 - HKCU\..\Run: [QSFD] "C:\Documents and Settings\Pete's\QSFD.exe"

O4 - HKCU\..\Run: [wyvvbbsy] "C:\WINDOWS\system32\wyvvbbsy.exe"

O4 - HKCU\..\Run: [iQSI] "C:\Documents and Settings\Pete's\IQSI.exe"

O4 - HKCU\..\Run: [PANG] "C:\Documents and Settings\Pete's\PANG.exe"

O4 - HKCU\..\Run: [wprkjp] "C:\WINDOWS\system32\wprkjp.exe"

O4 - HKCU\..\Run: [GMBA] "C:\Documents and Settings\Pete's\GMBA.exe"

O4 - HKCU\..\Run: [wbkirlj] "C:\WINDOWS\system32\wbkirlj.exe"

O4 - HKCU\..\Run: [EEIS] "C:\Documents and Settings\Pete's\EEIS.exe"

O4 - HKCU\..\Run: [wcbfdu] "C:\WINDOWS\system32\wcbfdu.exe"

O4 - HKCU\..\Run: [EGAF] "C:\Documents and Settings\Pete's\EGAF.exe"

O4 - HKCU\..\Run: [NJRB] "C:\Documents and Settings\Pete's\NJRB.exe"

O4 - HKCU\..\Run: [PJNC] "C:\Documents and Settings\Pete's\PJNC.exe"

O4 - HKCU\..\Run: [bUIC] "C:\Documents and Settings\Pete's\BUIC.exe"

O4 - HKCU\..\Run: [GNMS] "C:\Documents and Settings\Pete's\GNMS.exe"

O4 - HKCU\..\Run: [CGAH] "C:\Documents and Settings\Pete's\CGAH.exe"

O4 - HKCU\..\Run: [TDOB] "C:\Documents and Settings\Pete's\TDOB.exe"

O4 - HKCU\..\Run: [LJGR] "C:\Documents and Settings\Pete's\LJGR.exe"

O4 - HKCU\..\Run: [iULQ] "C:\Documents and Settings\Pete's\IULQ.exe"

O4 - HKCU\..\Run: [PTUU] "C:\Documents and Settings\Pete's\PTUU.exe"

O4 - HKCU\..\Run: [NIJD] "C:\Documents and Settings\Pete's\NIJD.exe"

O4 - HKCU\..\Run: [CQSD] "C:\Documents and Settings\Pete's\CQSD.exe"

O4 - HKCU\..\Run: [EETM] "C:\Documents and Settings\Pete's\EETM.exe"

O4 - HKCU\..\Run: [TCIM] "C:\Documents and Settings\Pete's\TCIM.exe"

O4 - HKCU\..\Run: [GASJ] "C:\Documents and Settings\Pete's\GASJ.exe"

O4 - HKCU\..\Run: [iHSD] "C:\Documents and Settings\Pete's\IHSD.exe"

O4 - HKCU\..\Run: [RKGH] "C:\Documents and Settings\Pete's\RKGH.exe"

O4 - HKCU\..\Run: [JOMC] "C:\Documents and Settings\Pete's\JOMC.exe"

O4 - HKCU\..\Run: [iLCK] "C:\Documents and Settings\Pete's\ILCK.exe"

O4 - HKCU\..\Run: [KRQU] "C:\Documents and Settings\Pete's\KRQU.exe"

O4 - HKCU\..\Run: [MGGP] "C:\Documents and Settings\Pete's\MGGP.exe"

O4 - HKCU\..\Run: [DDKD] "C:\WINDOWS\system32\DDKD.exe"

O4 - HKCU\..\Run: [HLID] "C:\WINDOWS\system32\HLID.exe"

O4 - HKCU\..\Run: [PIQJ] "C:\Documents and Settings\Pete's\PIQJ.exe"

O4 - HKCU\..\Run: [iAQM] "C:\Documents and Settings\Pete's\IAQM.exe"

O4 - HKCU\..\Run: [HCAR] "C:\Documents and Settings\Pete's\HCAR.exe"

O4 - HKCU\..\Run: [TDRF] "C:\Documents and Settings\Pete's\TDRF.exe"

O4 - HKCU\..\Run: [APFK] "C:\Documents and Settings\Pete's\APFK.exe"

O4 - HKCU\..\Run: [EATI] "C:\Documents and Settings\Pete's\EATI.exe"

O4 - HKCU\..\Run: [AGKN] "C:\Documents and Settings\Pete's\AGKN.exe"

O4 - HKCU\..\Run: [HPHK] "C:\Documents and Settings\Pete's\HPHK.exe"

O4 - HKCU\..\Run: [bPNB] "C:\Documents and Settings\Pete's\BPNB.exe"

O4 - HKCU\..\Run: [DHES] "C:\Documents and Settings\Pete's\DHES.exe"

O4 - HKCU\..\Run: [TSMB] "C:\Documents and Settings\Pete's\TSMB.exe"

O4 - HKCU\..\Run: [OKFI] "C:\Documents and Settings\Pete's\OKFI.exe"

O4 - HKCU\..\Run: [OMLF] "C:\Documents and Settings\Pete's\OMLF.exe"

O4 - HKCU\..\Run: [KIJM] "C:\Documents and Settings\Pete's\KIJM.exe"

O4 - HKCU\..\Run: [KICA] "C:\Documents and Settings\Pete's\KICA.exe"

O4 - HKCU\..\Run: [QGRL] "C:\Documents and Settings\Pete's\QGRL.exe"

O4 - HKCU\..\Run: [EUMS] "C:\Documents and Settings\Pete's\EUMS.exe"

O4 - HKCU\..\Run: [MECC] "C:\Documents and Settings\Pete's\MECC.exe"

O4 - HKCU\..\Run: [LNJK] "C:\Documents and Settings\Pete's\LNJK.exe"

O4 - HKCU\..\Run: [QEIH] "C:\Documents and Settings\Pete's\QEIH.exe"

O4 - HKCU\..\Run: [iNNF] "C:\Documents and Settings\Pete's\INNF.exe"

O4 - HKCU\..\Run: [LQIH] "C:\Documents and Settings\Pete's\LQIH.exe"

O4 - HKCU\..\Run: [OJEE] "C:\Documents and Settings\Pete's\OJEE.exe"

O4 - HKCU\..\Run: [PDUJ] "C:\Documents and Settings\Pete's\PDUJ.exe"

O4 - HKCU\..\Run: [JJNT] "C:\Documents and Settings\Pete's\JJNT.exe"

O4 - HKCU\..\Run: [ESJU] "C:\Documents and Settings\Pete's\ESJU.exe"

O4 - HKCU\..\Run: [KUQC] "C:\Documents and Settings\Pete's\KUQC.exe"

O4 - HKCU\..\Run: [KRIB] "C:\Documents and Settings\Pete's\KRIB.exe"

O4 - HKCU\..\Run: [TCPU] "C:\Documents and Settings\Pete's\TCPU.exe"

O4 - HKCU\..\Run: [NUIC] "C:\Documents and Settings\Pete's\NUIC.exe"

O4 - HKCU\..\Run: [DRKH] "C:\Documents and Settings\Pete's\DRKH.exe"

O4 - HKCU\..\Run: [NDMN] "C:\Documents and Settings\Pete's\NDMN.exe"

O4 - HKCU\..\Run: [FJNK] "C:\Documents and Settings\Pete's\FJNK.exe"

O4 - HKCU\..\Run: [bBBQ] "C:\Documents and Settings\Pete's\BBBQ.exe"

O4 - HKCU\..\Run: [KDLD] "C:\Documents and Settings\Pete's\KDLD.exe"

O4 - HKCU\..\Run: [LTBU] "C:\Documents and Settings\Pete's\LTBU.exe"

O4 - HKCU\..\Run: [NGNF] "C:\Documents and Settings\Pete's\NGNF.exe"

O4 - HKCU\..\Run: [RNNE] "C:\Documents and Settings\Pete's\RNNE.exe"

O4 - HKCU\..\Run: [RUUA] "C:\Documents and Settings\Pete's\RUUA.exe"

O4 - HKCU\..\Run: [PINM] "C:\Documents and Settings\Pete's\PINM.exe"

O4 - HKCU\..\Run: [TREO] "C:\Documents and Settings\Pete's\TREO.exe"

O4 - HKCU\..\Run: [GORF] "C:\Documents and Settings\Pete's\GORF.exe"

O4 - HKCU\..\Run: [bSGS] "C:\Documents and Settings\Pete's\BSGS.exe"

O4 - HKCU\..\Run: [FHNC] "C:\Documents and Settings\Pete's\FHNC.exe"

O4 - HKCU\..\Run: [JPIT] "C:\Documents and Settings\Pete's\JPIT.exe"

O4 - HKCU\..\Run: [DAPT] "C:\Documents and Settings\Pete's\DAPT.exe"

O4 - HKCU\..\Run: [KBCP] "C:\Documents and Settings\Pete's\KBCP.exe"

O4 - HKCU\..\Run: [QLUE] "C:\Documents and Settings\Pete's\QLUE.exe"

O4 - HKCU\..\Run: [DKBR] "C:\Documents and Settings\Pete's\DKBR.exe"

O4 - HKCU\..\Run: [RGGK] "C:\Documents and Settings\Pete's\RGGK.exe"

O4 - HKCU\..\Run: [iUMR] "C:\Documents and Settings\Pete's\IUMR.exe"

O4 - HKCU\..\Run: [JNTT] "C:\Documents and Settings\Pete's\JNTT.exe"

O4 - HKCU\..\Run: [MMIK] "C:\Documents and Settings\Pete's\MMIK.exe"

O4 - HKCU\..\Run: [JPAS] "C:\Documents and Settings\Pete's\JPAS.exe"

O4 - HKCU\..\Run: [FRLK] "C:\Documents and Settings\Pete's\FRLK.exe"

O4 - HKCU\..\Run: [AJPF] "C:\Documents and Settings\Pete's\AJPF.exe"

O4 - HKCU\..\Run: [JLMD] "C:\Documents and Settings\Pete's\JLMD.exe"

O4 - HKCU\..\Run: [HITN] "C:\Documents and Settings\Pete's\HITN.exe"

O4 - HKCU\..\Run: [LNBD] "C:\Documents and Settings\Pete's\LNBD.exe"

O4 - HKCU\..\Run: [bMID] "C:\Documents and Settings\Pete's\BMID.exe"

O4 - HKCU\..\Run: [TORH] "C:\Documents and Settings\Pete's\TORH.exe"

O4 - HKCU\..\Run: [TJUI] "C:\Documents and Settings\Pete's\TJUI.exe"

O4 - HKCU\..\Run: [RNUA] "C:\Documents and Settings\Pete's\RNUA.exe"

O4 - HKCU\..\Run: [JMQQ] "C:\Documents and Settings\Pete's\JMQQ.exe"

O4 - HKCU\..\Run: [FNRM] "C:\Documents and Settings\Pete's\FNRM.exe"

O4 - HKCU\..\Run: [JCPD] "C:\Documents and Settings\Pete's\JCPD.exe"

O4 - HKCU\..\Run: [DDAC] "C:\Documents and Settings\Pete's\DDAC.exe"

O4 - HKCU\..\Run: [iFLS] "C:\Documents and Settings\Pete's\IFLS.exe"

O4 - HKCU\..\Run: [bJFG] "C:\Documents and Settings\Pete's\BJFG.exe"

O4 - HKCU\..\Run: [HQEO] "C:\Documents and Settings\Pete's\HQEO.exe"

O4 - HKCU\..\Run: [HPGH] "C:\Documents and Settings\Pete's\HPGH.exe"

O4 - HKCU\..\Run: [JULO] "C:\Documents and Settings\Pete's\JULO.exe"

O4 - HKCU\..\Run: [DBGQ] "C:\Documents and Settings\Pete's\DBGQ.exe"

O4 - HKCU\..\Run: [MFLM] "C:\Documents and Settings\Pete's\MFLM.exe"

O4 - HKCU\..\Run: [FROT] "C:\Documents and Settings\Pete's\FROT.exe"

O4 - HKCU\..\Run: [OIUD] "C:\Documents and Settings\Pete's\OIUD.exe"

O4 - HKCU\..\Run: [HSJH] "C:\Documents and Settings\Pete's\HSJH.exe"

O4 - HKCU\..\Run: [NUON] "C:\Documents and Settings\Pete's\NUON.exe"

O4 - HKCU\..\Run: [THDB] "C:\Documents and Settings\Pete's\THDB.exe"

O4 - HKCU\..\Run: [12] "C:\WINDOWS\system32\12.exe"

O4 - HKCU\..\Run: [GPPE] "C:\Documents and Settings\Pete's\GPPE.exe"

O4 - HKCU\..\Run: [JHFL] "C:\Documents and Settings\Pete's\JHFL.exe"

O4 - HKCU\..\Run: [DUUB] "C:\Documents and Settings\Pete's\DUUB.exe"

O4 - HKCU\..\Run: [AFDQ] "C:\Documents and Settings\Pete's\AFDQ.exe"

O4 - HKCU\..\Run: [LRRF] "C:\Documents and Settings\Pete's\LRRF.exe"

O4 - HKCU\..\Run: [OOJG] "C:\Documents and Settings\Pete's\OOJG.exe"

O4 - HKCU\..\Run: [ATFJ] "C:\Documents and Settings\Pete's\ATFJ.exe"

O4 - HKCU\..\Run: [EBPC] "C:\Documents and Settings\Pete's\EBPC.exe"

O4 - HKCU\..\Run: [GLMH] "C:\Documents and Settings\Pete's\GLMH.exe"

O4 - HKCU\..\Run: [LBTP] "C:\Documents and Settings\Pete's\LBTP.exe"

O4 - HKCU\..\Run: [ATQM] "C:\Documents and Settings\Pete's\ATQM.exe"

O4 - HKCU\..\Run: [bDAS] "C:\Documents and Settings\Pete's\BDAS.exe"

O4 - HKCU\..\Run: [CQEG] "C:\Documents and Settings\Pete's\CQEG.exe"

O4 - HKCU\..\Run: [NTPH] "C:\Documents and Settings\Pete's\NTPH.exe"

O4 - HKCU\..\Run: [TBDT] "C:\Documents and Settings\Pete's\TBDT.exe"

O4 - HKCU\..\Run: [RPNH] "C:\Documents and Settings\Pete's\RPNH.exe"

O4 - HKCU\..\Run: [NSDG] "C:\Documents and Settings\Pete's\NSDG.exe"

O4 - HKCU\..\Run: [NQQD] "C:\Documents and Settings\Pete's\NQQD.exe"

O4 - HKCU\..\Run: [ORUR] "C:\Documents and Settings\Pete's\ORUR.exe"

O4 - HKCU\..\Run: [iRTI] "C:\Documents and Settings\Pete's\IRTI.exe"

O4 - HKCU\..\Run: [HQAL] "C:\Documents and Settings\Pete's\HQAL.exe"

O4 - HKCU\..\Run: [iBHA] "C:\Documents and Settings\Pete's\IBHA.exe"

O4 - HKCU\..\Run: [EBUT] "C:\Documents and Settings\Pete's\EBUT.exe"

O4 - HKCU\..\Run: [POSS] "C:\Documents and Settings\Pete's\POSS.exe"

O4 - HKCU\..\Run: [bUTA] "C:\Documents and Settings\Pete's\BUTA.exe"

O4 - HKCU\..\Run: [LIBF] "C:\Documents and Settings\Pete's\LIBF.exe"

O4 - HKCU\..\Run: [AUBD] "C:\Documents and Settings\Pete's\AUBD.exe"

O4 - HKCU\..\Run: [DJIK] "C:\Documents and Settings\Pete's\DJIK.exe"

O4 - HKCU\..\Run: [ASOJ] "C:\Documents and Settings\Pete's\ASOJ.exe"

O4 - HKCU\..\Run: [bQPA] "C:\Documents and Settings\Pete's\BQPA.exe"

O4 - HKCU\..\Run: [DNRL] "C:\Documents and Settings\Pete's\DNRL.exe"

O4 - HKCU\..\Run: [LLII] "C:\Documents and Settings\Pete's\LLII.exe"

O4 - HKCU\..\Run: [QKIN] "C:\Documents and Settings\Pete's\QKIN.exe"

O4 - HKCU\..\Run: [iUIH] "C:\Documents and Settings\Pete's\IUIH.exe"

O4 - HKCU\..\Run: [MGAE] "C:\Documents and Settings\Pete's\MGAE.exe"

O4 - HKCU\..\Run: [MRAA] "C:\Documents and Settings\Pete's\MRAA.exe"

O4 - HKCU\..\Run: [sAKO] "C:\Documents and Settings\Pete's\SAKO.exe"

O4 - HKCU\..\Run: [LBGR] "C:\Documents and Settings\Pete's\LBGR.exe"

O4 - HKCU\..\Run: [LLKU] "C:\Documents and Settings\Pete's\LLKU.exe"

O4 - HKCU\..\Run: [JEAT] "C:\Documents and Settings\Pete's\JEAT.exe"

O4 - HKCU\..\Run: [MAMG] "C:\Documents and Settings\Pete's\MAMG.exe"

O4 - HKCU\..\Run: [ETOL] "C:\Documents and Settings\Pete's\ETOL.exe"

O4 - HKCU\..\Run: [GSTA] "C:\Documents and Settings\Pete's\GSTA.exe"

O4 - HKCU\..\Run: [QIKO] "C:\Documents and Settings\Pete's\QIKO.exe"

O4 - HKCU\..\Run: [NSQU] "C:\Documents and Settings\Pete's\NSQU.exe"

O4 - HKCU\..\Run: [NMAK] "C:\Documents and Settings\Pete's\NMAK.exe"

O4 - HKCU\..\Run: [HJLN] "C:\Documents and Settings\Pete's\HJLN.exe"

O4 - HKCU\..\Run: [FICH] "C:\Documents and Settings\Pete's\FICH.exe"

O4 - HKCU\..\Run: [LNFN] "C:\Documents and Settings\Pete's\LNFN.exe"

O4 - Startup: PowerReg Scheduler V3.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm

O8 - Extra context menu item: Open in New &Window (PopOops) - C:\WINDOWS\Web\PopOops.htm

O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/script/actions/related.htm

O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/script/actions/review.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab

O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {A954AFC3-3A26-44C2-A126-2B61C09F8FC9} (SNRecovery Control) - http://www.cybersitter.com/recovery/ocx/SerialRecovery.ocx

O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: Uno Installer (UnoInstallerService) - Unknown owner - C:\Program Files\M-Audio Uno\UnoInst.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

[therock247uk]

Please go here to upload a suspicious file for analysis.

• Enter your username from this forum
  
• Copy and paste the link to this thread
  
• Browse for this filename: C:\WINDOWS\system32\com11N.dll
  
• In the comments, please mention that I asked you to upload this file
  
• Click on Send File
  

[kohu]

I can't seem to find it.

[therock247uk]

Can you try putting just C:\WINDOWS\system32\com11N.dll in the box and clicking submit?

[kohu]

Okay, It said successfully submitted.

[therock247uk]

Open Hijackthis and click scan. Then check mark the following entries

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O4 - HKCU\..\Run: [com11N] RunDll32.exe C:\WINDOWS\system32\com11N.dll,Setup

O4 - HKCU\..\Run: [wxluql] "C:\WINDOWS\system32\wxluql.exe"

O4 - HKCU\..\Run: [explorer] C:\WINDOWS\explorer.exe

O4 - HKCU\..\Run: [iexplore] C:\Program Files\Internet Explorer\iexplore.exe

O4 - HKCU\..\Run: [1] "C:\WINDOWS\system32\1.exe"

O4 - HKCU\..\Run: [wdlsjm] "C:\WINDOWS\system32\wdlsjm.exe"

O4 - HKCU\..\Run: [wtgac] "C:\WINDOWS\system32\wtgac.exe"

O4 - HKCU\..\Run: [wjmyret] "C:\WINDOWS\system32\wjmyret.exe"

O4 - HKCU\..\Run: [wpwerlgs] "C:\WINDOWS\system32\wpwerlgs.exe"

O4 - HKCU\..\Run: [walfwey] "C:\WINDOWS\system32\walfwey.exe"

O4 - HKCU\..\Run: [wfuotvq] "C:\WINDOWS\system32\wfuotvq.exe"

O4 - HKCU\..\Run: [wlmjiko] "C:\WINDOWS\system32\wlmjiko.exe"

O4 - HKCU\..\Run: [wrpmu] "C:\WINDOWS\system32\wrpmu.exe"

O4 - HKCU\..\Run: [wyxb] "C:\WINDOWS\system32\wyxb.exe"

O4 - HKCU\..\Run: [wgujry] "C:\WINDOWS\system32\wgujry.exe"

O4 - HKCU\..\Run: [wpscpw] "C:\WINDOWS\system32\wpscpw.exe"

O4 - HKCU\..\Run: [wgrwnvqgm] "C:\WINDOWS\system32\wgrwnvqgm.exe"

O4 - HKCU\..\Run: [wmrnxn] "C:\WINDOWS\system32\wmrnxn.exe"

O4 - HKCU\..\Run: [wesh] "C:\WINDOWS\system32\wesh.exe"

O4 - HKCU\..\Run: [wxxkobjhf] "C:\WINDOWS\system32\wxxkobjhf.exe"

O4 - HKCU\..\Run: [wynbnuob] "C:\WINDOWS\system32\wynbnuob.exe"

O4 - HKCU\..\Run: [wvfp] "C:\WINDOWS\system32\wvfp.exe"

O4 - HKCU\..\Run: [wfqnxn] "C:\WINDOWS\system32\wfqnxn.exe"

O4 - HKCU\..\Run: [wpeyo] "C:\WINDOWS\system32\wpeyo.exe"

O4 - HKCU\..\Run: [wcrwtyb] "C:\WINDOWS\system32\wcrwtyb.exe"

O4 - HKCU\..\Run: [wbdjkku] "C:\WINDOWS\system32\wbdjkku.exe"

O4 - HKCU\..\Run: [wwftyxj] "C:\WINDOWS\system32\wwftyxj.exe"

O4 - HKCU\..\Run: [wvuctb] "C:\WINDOWS\system32\wvuctb.exe"

O4 - HKCU\..\Run: [wreilv] "C:\WINDOWS\system32\wreilv.exe"

O4 - HKCU\..\Run: [wgntey] "C:\WINDOWS\system32\wgntey.exe"

O4 - HKCU\..\Run: [wobwoma] "C:\WINDOWS\system32\wobwoma.exe"

O4 - HKCU\..\Run: [wxjisu] "C:\WINDOWS\system32\wxjisu.exe"

O4 - HKCU\..\Run: [wqkfnpt] "C:\WINDOWS\system32\wqkfnpt.exe"

O4 - HKCU\..\Run: [wwnbta] "C:\WINDOWS\system32\wwnbta.exe"

O4 - HKCU\..\Run: [warxgjt] "C:\WINDOWS\system32\warxgjt.exe"

O4 - HKCU\..\Run: [wtgnd] "C:\WINDOWS\system32\wtgnd.exe"

O4 - HKCU\..\Run: [wgnryw] "C:\WINDOWS\system32\wgnryw.exe"

O4 - HKCU\..\Run: [wrtg] "C:\WINDOWS\system32\wrtg.exe"

O4 - HKCU\..\Run: [wsj] "C:\WINDOWS\system32\wsj.exe"

O4 - HKCU\..\Run: [wjmmyu] "C:\WINDOWS\system32\wjmmyu.exe"

O4 - HKCU\..\Run: [wqdksiek] "C:\WINDOWS\system32\wqdksiek.exe"

O4 - HKCU\..\Run: [wukkg] "C:\WINDOWS\system32\wukkg.exe"

O4 - HKCU\..\Run: [wvcfyks] "C:\WINDOWS\system32\wvcfyks.exe"

O4 - HKCU\..\Run: [wgpmhm] "C:\WINDOWS\system32\wgpmhm.exe"

O4 - HKCU\..\Run: [wemoy] "C:\WINDOWS\system32\wemoy.exe"

O4 - HKCU\..\Run: [wurjhsw] "C:\WINDOWS\system32\wurjhsw.exe"

O4 - HKCU\..\Run: [wped] "C:\WINDOWS\system32\wped.exe"

O4 - HKCU\..\Run: [wkxoujg] "C:\WINDOWS\system32\wkxoujg.exe"

O4 - HKCU\..\Run: [wwwwgt] "C:\WINDOWS\system32\wwwwgt.exe"

O4 - HKCU\..\Run: [wcdvmom] "C:\WINDOWS\system32\wcdvmom.exe"

O4 - HKCU\..\Run: [wwfj] "C:\WINDOWS\system32\wwfj.exe"

O4 - HKCU\..\Run: [wgdqmoxtd] "C:\WINDOWS\system32\wgdqmoxtd.exe"

O4 - HKCU\..\Run: [wcmhvms] "C:\WINDOWS\system32\wcmhvms.exe"

O4 - HKCU\..\Run: [wrfquawcj] "C:\WINDOWS\system32\wrfquawcj.exe"

O4 - HKCU\..\Run: [wcfr] "C:\WINDOWS\system32\wcfr.exe"

O4 - HKCU\..\Run: [wrvrj] "C:\WINDOWS\system32\wrvrj.exe"

O4 - HKCU\..\Run: [wqjmqkg] "C:\WINDOWS\system32\wqjmqkg.exe"

O4 - HKCU\..\Run: [woj] "C:\WINDOWS\system32\woj.exe"

O4 - HKCU\..\Run: [wmigeqpw] "C:\WINDOWS\system32\wmigeqpw.exe"

O4 - HKCU\..\Run: [wtqkmgq] "C:\WINDOWS\system32\wtqkmgq.exe"

O4 - HKCU\..\Run: [whbs] "C:\WINDOWS\system32\whbs.exe"

O4 - HKCU\..\Run: [wpor] "C:\WINDOWS\system32\wpor.exe"

O4 - HKCU\..\Run: [wyvo] "C:\WINDOWS\system32\wyvo.exe"

O4 - HKCU\..\Run: [wghj] "C:\WINDOWS\system32\wghj.exe"

O4 - HKCU\..\Run: [webtxa] "C:\WINDOWS\system32\webtxa.exe"

O4 - HKCU\..\Run: [whdtymxgf] "C:\WINDOWS\system32\whdtymxgf.exe"

O4 - HKCU\..\Run: [wedbrt] "C:\WINDOWS\system32\wedbrt.exe"

O4 - HKCU\..\Run: [wtcje] "C:\WINDOWS\system32\wtcje.exe"

O4 - HKCU\..\Run: [wvcbiks] "C:\WINDOWS\system32\wvcbiks.exe"

O4 - HKCU\..\Run: [wejl] "C:\WINDOWS\system32\wejl.exe"

O4 - HKCU\..\Run: [wdti] "C:\WINDOWS\system32\wdti.exe"

O4 - HKCU\..\Run: [wjtxbwq] "C:\WINDOWS\system32\wjtxbwq.exe"

O4 - HKCU\..\Run: [wprwkn] "C:\WINDOWS\system32\wprwkn.exe"

O4 - HKCU\..\Run: [wlmgrhuq] "C:\WINDOWS\system32\wlmgrhuq.exe"

O4 - HKCU\..\Run: [wpm] "C:\WINDOWS\system32\wpm.exe"

O4 - HKCU\..\Run: [wujja] "C:\WINDOWS\system32\wujja.exe"

O4 - HKCU\..\Run: [wreptjplh] "C:\WINDOWS\system32\wreptjplh.exe"

O4 - HKCU\..\Run: [wie] "C:\WINDOWS\system32\wie.exe"

O4 - HKCU\..\Run: [wxumr] "C:\WINDOWS\system32\wxumr.exe"

O4 - HKCU\..\Run: [whlyke] "C:\WINDOWS\system32\whlyke.exe"

O4 - HKCU\..\Run: [HTFU] "C:\Documents and Settings\Pete's\HTFU.exe"

O4 - HKCU\..\Run: [wdbyl] "C:\WINDOWS\system32\wdbyl.exe"

O4 - HKCU\..\Run: [GGAI] "C:\Documents and Settings\Pete's\GGAI.exe"

O4 - HKCU\..\Run: [wqkmtpmte] "C:\WINDOWS\system32\wqkmtpmte.exe"

O4 - HKCU\..\Run: [FFIP] "C:\Documents and Settings\Pete's\FFIP.exe"

O4 - HKCU\..\Run: [wsqyk] "C:\WINDOWS\system32\wsqyk.exe"

O4 - HKCU\..\Run: [CEPN] "C:\Documents and Settings\Pete's\CEPN.exe"

O4 - HKCU\..\Run: [wne] "C:\WINDOWS\system32\wne.exe"

O4 - HKCU\..\Run: [wrxpwr] "C:\WINDOWS\system32\wrxpwr.exe"

O4 - HKCU\..\Run: [bQDN] "C:\Documents and Settings\Pete's\BQDN.exe"

O4 - HKCU\..\Run: [wtbt] "C:\WINDOWS\system32\wtbt.exe"

O4 - HKCU\..\Run: [wln] "C:\WINDOWS\system32\wln.exe"

O4 - HKCU\..\Run: [TJNU] "C:\Documents and Settings\Pete's\TJNU.exe"

O4 - HKCU\..\Run: [wfgmprnv] "C:\WINDOWS\system32\wfgmprnv.exe"

O4 - HKCU\..\Run: [QFPB] "C:\Documents and Settings\Pete's\QFPB.exe"

O4 - HKCU\..\Run: [wmrpkj] "C:\WINDOWS\system32\wmrpkj.exe"

O4 - HKCU\..\Run: [FOJQ] "C:\Documents and Settings\Pete's\FOJQ.exe"

O4 - HKCU\..\Run: [whthvk] "C:\WINDOWS\system32\whthvk.exe"

O4 - HKCU\..\Run: [JMKP] "C:\Documents and Settings\Pete's\JMKP.exe"

O4 - HKCU\..\Run: [wdlvxemj] "C:\WINDOWS\system32\wdlvxemj.exe"

O4 - HKCU\..\Run: [QSFD] "C:\Documents and Settings\Pete's\QSFD.exe"

O4 - HKCU\..\Run: [wyvvbbsy] "C:\WINDOWS\system32\wyvvbbsy.exe"

O4 - HKCU\..\Run: [iQSI] "C:\Documents and Settings\Pete's\IQSI.exe"

O4 - HKCU\..\Run: [PANG] "C:\Documents and Settings\Pete's\PANG.exe"

O4 - HKCU\..\Run: [wprkjp] "C:\WINDOWS\system32\wprkjp.exe"

O4 - HKCU\..\Run: [GMBA] "C:\Documents and Settings\Pete's\GMBA.exe"

O4 - HKCU\..\Run: [wbkirlj] "C:\WINDOWS\system32\wbkirlj.exe"

O4 - HKCU\..\Run: [EEIS] "C:\Documents and Settings\Pete's\EEIS.exe"

O4 - HKCU\..\Run: [wcbfdu] "C:\WINDOWS\system32\wcbfdu.exe"

O4 - HKCU\..\Run: [EGAF] "C:\Documents and Settings\Pete's\EGAF.exe"

O4 - HKCU\..\Run: [NJRB] "C:\Documents and Settings\Pete's\NJRB.exe"

O4 - HKCU\..\Run: [PJNC] "C:\Documents and Settings\Pete's\PJNC.exe"

O4 - HKCU\..\Run: [bUIC] "C:\Documents and Settings\Pete's\BUIC.exe"

O4 - HKCU\..\Run: [GNMS] "C:\Documents and Settings\Pete's\GNMS.exe"

O4 - HKCU\..\Run: [CGAH] "C:\Documents and Settings\Pete's\CGAH.exe"

O4 - HKCU\..\Run: [TDOB] "C:\Documents and Settings\Pete's\TDOB.exe"

O4 - HKCU\..\Run: [LJGR] "C:\Documents and Settings\Pete's\LJGR.exe"

O4 - HKCU\..\Run: [iULQ] "C:\Documents and Settings\Pete's\IULQ.exe"

O4 - HKCU\..\Run: [PTUU] "C:\Documents and Settings\Pete's\PTUU.exe"

O4 - HKCU\..\Run: [NIJD] "C:\Documents and Settings\Pete's\NIJD.exe"

O4 - HKCU\..\Run: [CQSD] "C:\Documents and Settings\Pete's\CQSD.exe"

O4 - HKCU\..\Run: [EETM] "C:\Documents and Settings\Pete's\EETM.exe"

O4 - HKCU\..\Run: [TCIM] "C:\Documents and Settings\Pete's\TCIM.exe"

O4 - HKCU\..\Run: [GASJ] "C:\Documents and Settings\Pete's\GASJ.exe"

O4 - HKCU\..\Run: [iHSD] "C:\Documents and Settings\Pete's\IHSD.exe"

O4 - HKCU\..\Run: [RKGH] "C:\Documents and Settings\Pete's\RKGH.exe"

O4 - HKCU\..\Run: [JOMC] "C:\Documents and Settings\Pete's\JOMC.exe"

O4 - HKCU\..\Run: [iLCK] "C:\Documents and Settings\Pete's\ILCK.exe"

O4 - HKCU\..\Run: [KRQU] "C:\Documents and Settings\Pete's\KRQU.exe"

O4 - HKCU\..\Run: [MGGP] "C:\Documents and Settings\Pete's\MGGP.exe"

O4 - HKCU\..\Run: [DDKD] "C:\WINDOWS\system32\DDKD.exe"

O4 - HKCU\..\Run: [HLID] "C:\WINDOWS\system32\HLID.exe"

O4 - HKCU\..\Run: [PIQJ] "C:\Documents and Settings\Pete's\PIQJ.exe"

O4 - HKCU\..\Run: [iAQM] "C:\Documents and Settings\Pete's\IAQM.exe"

O4 - HKCU\..\Run: [HCAR] "C:\Documents and Settings\Pete's\HCAR.exe"

O4 - HKCU\..\Run: [TDRF] "C:\Documents and Settings\Pete's\TDRF.exe"

O4 - HKCU\..\Run: [APFK] "C:\Documents and Settings\Pete's\APFK.exe"

O4 - HKCU\..\Run: [EATI] "C:\Documents and Settings\Pete's\EATI.exe"

O4 - HKCU\..\Run: [AGKN] "C:\Documents and Settings\Pete's\AGKN.exe"

O4 - HKCU\..\Run: [HPHK] "C:\Documents and Settings\Pete's\HPHK.exe"

O4 - HKCU\..\Run: [bPNB] "C:\Documents and Settings\Pete's\BPNB.exe"

O4 - HKCU\..\Run: [DHES] "C:\Documents and Settings\Pete's\DHES.exe"

O4 - HKCU\..\Run: [TSMB] "C:\Documents and Settings\Pete's\TSMB.exe"

O4 - HKCU\..\Run: [OKFI] "C:\Documents and Settings\Pete's\OKFI.exe"

O4 - HKCU\..\Run: [OMLF] "C:\Documents and Settings\Pete's\OMLF.exe"

O4 - HKCU\..\Run: [KIJM] "C:\Documents and Settings\Pete's\KIJM.exe"

O4 - HKCU\..\Run: [KICA] "C:\Documents and Settings\Pete's\KICA.exe"

O4 - HKCU\..\Run: [QGRL] "C:\Documents and Settings\Pete's\QGRL.exe"

O4 - HKCU\..\Run: [EUMS] "C:\Documents and Settings\Pete's\EUMS.exe"

O4 - HKCU\..\Run: [MECC] "C:\Documents and Settings\Pete's\MECC.exe"

O4 - HKCU\..\Run: [LNJK] "C:\Documents and Settings\Pete's\LNJK.exe"

O4 - HKCU\..\Run: [QEIH] "C:\Documents and Settings\Pete's\QEIH.exe"

O4 - HKCU\..\Run: [iNNF] "C:\Documents and Settings\Pete's\INNF.exe"

O4 - HKCU\..\Run: [LQIH] "C:\Documents and Settings\Pete's\LQIH.exe"

O4 - HKCU\..\Run: [OJEE] "C:\Documents and Settings\Pete's\OJEE.exe"

O4 - HKCU\..\Run: [PDUJ] "C:\Documents and Settings\Pete's\PDUJ.exe"

O4 - HKCU\..\Run: [JJNT] "C:\Documents and Settings\Pete's\JJNT.exe"

O4 - HKCU\..\Run: [ESJU] "C:\Documents and Settings\Pete's\ESJU.exe"

O4 - HKCU\..\Run: [KUQC] "C:\Documents and Settings\Pete's\KUQC.exe"

O4 - HKCU\..\Run: [KRIB] "C:\Documents and Settings\Pete's\KRIB.exe"

O4 - HKCU\..\Run: [TCPU] "C:\Documents and Settings\Pete's\TCPU.exe"

O4 - HKCU\..\Run: [NUIC] "C:\Documents and Settings\Pete's\NUIC.exe"

O4 - HKCU\..\Run: [DRKH] "C:\Documents and Settings\Pete's\DRKH.exe"

O4 - HKCU\..\Run: [NDMN] "C:\Documents and Settings\Pete's\NDMN.exe"

O4 - HKCU\..\Run: [FJNK] "C:\Documents and Settings\Pete's\FJNK.exe"

O4 - HKCU\..\Run: [bBBQ] "C:\Documents and Settings\Pete's\BBBQ.exe"

O4 - HKCU\..\Run: [KDLD] "C:\Documents and Settings\Pete's\KDLD.exe"

O4 - HKCU\..\Run: [LTBU] "C:\Documents and Settings\Pete's\LTBU.exe"

O4 - HKCU\..\Run: [NGNF] "C:\Documents and Settings\Pete's\NGNF.exe"

O4 - HKCU\..\Run: [RNNE] "C:\Documents and Settings\Pete's\RNNE.exe"

O4 - HKCU\..\Run: [RUUA] "C:\Documents and Settings\Pete's\RUUA.exe"

O4 - HKCU\..\Run: [PINM] "C:\Documents and Settings\Pete's\PINM.exe"

O4 - HKCU\..\Run: [TREO] "C:\Documents and Settings\Pete's\TREO.exe"

O4 - HKCU\..\Run: [GORF] "C:\Documents and Settings\Pete's\GORF.exe"

O4 - HKCU\..\Run: [bSGS] "C:\Documents and Settings\Pete's\BSGS.exe"

O4 - HKCU\..\Run: [FHNC] "C:\Documents and Settings\Pete's\FHNC.exe"

O4 - HKCU\..\Run: [JPIT] "C:\Documents and Settings\Pete's\JPIT.exe"

O4 - HKCU\..\Run: [DAPT] "C:\Documents and Settings\Pete's\DAPT.exe"

O4 - HKCU\..\Run: [KBCP] "C:\Documents and Settings\Pete's\KBCP.exe"

O4 - HKCU\..\Run: [QLUE] "C:\Documents and Settings\Pete's\QLUE.exe"

O4 - HKCU\..\Run: [DKBR] "C:\Documents and Settings\Pete's\DKBR.exe"

O4 - HKCU\..\Run: [RGGK] "C:\Documents and Settings\Pete's\RGGK.exe"

O4 - HKCU\..\Run: [iUMR] "C:\Documents and Settings\Pete's\IUMR.exe"

O4 - HKCU\..\Run: [JNTT] "C:\Documents and Settings\Pete's\JNTT.exe"

O4 - HKCU\..\Run: [MMIK] "C:\Documents and Settings\Pete's\MMIK.exe"

O4 - HKCU\..\Run: [JPAS] "C:\Documents and Settings\Pete's\JPAS.exe"

O4 - HKCU\..\Run: [FRLK] "C:\Documents and Settings\Pete's\FRLK.exe"

O4 - HKCU\..\Run: [AJPF] "C:\Documents and Settings\Pete's\AJPF.exe"

O4 - HKCU\..\Run: [JLMD] "C:\Documents and Settings\Pete's\JLMD.exe"

O4 - HKCU\..\Run: [HITN] "C:\Documents and Settings\Pete's\HITN.exe"

O4 - HKCU\..\Run: [LNBD] "C:\Documents and Settings\Pete's\LNBD.exe"

O4 - HKCU\..\Run: [bMID] "C:\Documents and Settings\Pete's\BMID.exe"

O4 - HKCU\..\Run: [TORH] "C:\Documents and Settings\Pete's\TORH.exe"

O4 - HKCU\..\Run: [TJUI] "C:\Documents and Settings\Pete's\TJUI.exe"

O4 - HKCU\..\Run: [RNUA] "C:\Documents and Settings\Pete's\RNUA.exe"

O4 - HKCU\..\Run: [JMQQ] "C:\Documents and Settings\Pete's\JMQQ.exe"

O4 - HKCU\..\Run: [FNRM] "C:\Documents and Settings\Pete's\FNRM.exe"

O4 - HKCU\..\Run: [JCPD] "C:\Documents and Settings\Pete's\JCPD.exe"

O4 - HKCU\..\Run: [DDAC] "C:\Documents and Settings\Pete's\DDAC.exe"

O4 - HKCU\..\Run: [iFLS] "C:\Documents and Settings\Pete's\IFLS.exe"

O4 - HKCU\..\Run: [bJFG] "C:\Documents and Settings\Pete's\BJFG.exe"

O4 - HKCU\..\Run: [HQEO] "C:\Documents and Settings\Pete's\HQEO.exe"

O4 - HKCU\..\Run: [HPGH] "C:\Documents and Settings\Pete's\HPGH.exe"

O4 - HKCU\..\Run: [JULO] "C:\Documents and Settings\Pete's\JULO.exe"

O4 - HKCU\..\Run: [DBGQ] "C:\Documents and Settings\Pete's\DBGQ.exe"

O4 - HKCU\..\Run: [MFLM] "C:\Documents and Settings\Pete's\MFLM.exe"

O4 - HKCU\..\Run: [FROT] "C:\Documents and Settings\Pete's\FROT.exe"

O4 - HKCU\..\Run: [OIUD] "C:\Documents and Settings\Pete's\OIUD.exe"

O4 - HKCU\..\Run: [HSJH] "C:\Documents and Settings\Pete's\HSJH.exe"

O4 - HKCU\..\Run: [NUON] "C:\Documents and Settings\Pete's\NUON.exe"

O4 - HKCU\..\Run: [THDB] "C:\Documents and Settings\Pete's\THDB.exe"

O4 - HKCU\..\Run: [12] "C:\WINDOWS\system32\12.exe"

O4 - HKCU\..\Run: [GPPE] "C:\Documents and Settings\Pete's\GPPE.exe"

O4 - HKCU\..\Run: [JHFL] "C:\Documents and Settings\Pete's\JHFL.exe"

O4 - HKCU\..\Run: [DUUB] "C:\Documents and Settings\Pete's\DUUB.exe"

O4 - HKCU\..\Run: [AFDQ] "C:\Documents and Settings\Pete's\AFDQ.exe"

O4 - HKCU\..\Run: [LRRF] "C:\Documents and Settings\Pete's\LRRF.exe"

O4 - HKCU\..\Run: [OOJG] "C:\Documents and Settings\Pete's\OOJG.exe"

O4 - HKCU\..\Run: [ATFJ] "C:\Documents and Settings\Pete's\ATFJ.exe"

O4 - HKCU\..\Run: [EBPC] "C:\Documents and Settings\Pete's\EBPC.exe"

O4 - HKCU\..\Run: [GLMH] "C:\Documents and Settings\Pete's\GLMH.exe"

O4 - HKCU\..\Run: [LBTP] "C:\Documents and Settings\Pete's\LBTP.exe"

O4 - HKCU\..\Run: [ATQM] "C:\Documents and Settings\Pete's\ATQM.exe"

O4 - HKCU\..\Run: [bDAS] "C:\Documents and Settings\Pete's\BDAS.exe"

O4 - HKCU\..\Run: [CQEG] "C:\Documents and Settings\Pete's\CQEG.exe"

O4 - HKCU\..\Run: [NTPH] "C:\Documents and Settings\Pete's\NTPH.exe"

O4 - HKCU\..\Run: [TBDT] "C:\Documents and Settings\Pete's\TBDT.exe"

O4 - HKCU\..\Run: [RPNH] "C:\Documents and Settings\Pete's\RPNH.exe"

O4 - HKCU\..\Run: [NSDG] "C:\Documents and Settings\Pete's\NSDG.exe"

O4 - HKCU\..\Run: [NQQD] "C:\Documents and Settings\Pete's\NQQD.exe"

O4 - HKCU\..\Run: [ORUR] "C:\Documents and Settings\Pete's\ORUR.exe"

O4 - HKCU\..\Run: [iRTI] "C:\Documents and Settings\Pete's\IRTI.exe"

O4 - HKCU\..\Run: [HQAL] "C:\Documents and Settings\Pete's\HQAL.exe"

O4 - HKCU\..\Run: [iBHA] "C:\Documents and Settings\Pete's\IBHA.exe"

O4 - HKCU\..\Run: [EBUT] "C:\Documents and Settings\Pete's\EBUT.exe"

O4 - HKCU\..\Run: [POSS] "C:\Documents and Settings\Pete's\POSS.exe"

O4 - HKCU\..\Run: [bUTA] "C:\Documents and Settings\Pete's\BUTA.exe"

O4 - HKCU\..\Run: [LIBF] "C:\Documents and Settings\Pete's\LIBF.exe"

O4 - HKCU\..\Run: [AUBD] "C:\Documents and Settings\Pete's\AUBD.exe"

O4 - HKCU\..\Run: [DJIK] "C:\Documents and Settings\Pete's\DJIK.exe"

O4 - HKCU\..\Run: [ASOJ] "C:\Documents and Settings\Pete's\ASOJ.exe"

O4 - HKCU\..\Run: [bQPA] "C:\Documents and Settings\Pete's\BQPA.exe"

O4 - HKCU\..\Run: [DNRL] "C:\Documents and Settings\Pete's\DNRL.exe"

O4 - HKCU\..\Run: [LLII] "C:\Documents and Settings\Pete's\LLII.exe"

O4 - HKCU\..\Run: [QKIN] "C:\Documents and Settings\Pete's\QKIN.exe"

O4 - HKCU\..\Run: [iUIH] "C:\Documents and Settings\Pete's\IUIH.exe"

O4 - HKCU\..\Run: [MGAE] "C:\Documents and Settings\Pete's\MGAE.exe"

O4 - HKCU\..\Run: [MRAA] "C:\Documents and Settings\Pete's\MRAA.exe"

O4 - HKCU\..\Run: [sAKO] "C:\Documents and Settings\Pete's\SAKO.exe"

O4 - HKCU\..\Run: [LBGR] "C:\Documents and Settings\Pete's\LBGR.exe"

O4 - HKCU\..\Run: [LLKU] "C:\Documents and Settings\Pete's\LLKU.exe"

O4 - HKCU\..\Run: [JEAT] "C:\Documents and Settings\Pete's\JEAT.exe"

O4 - HKCU\..\Run: [MAMG] "C:\Documents and Settings\Pete's\MAMG.exe"

O4 - HKCU\..\Run: [ETOL] "C:\Documents and Settings\Pete's\ETOL.exe"

O4 - HKCU\..\Run: [GSTA] "C:\Documents and Settings\Pete's\GSTA.exe"

O4 - HKCU\..\Run: [QIKO] "C:\Documents and Settings\Pete's\QIKO.exe"

O4 - HKCU\..\Run: [NSQU] "C:\Documents and Settings\Pete's\NSQU.exe"

O4 - HKCU\..\Run: [NMAK] "C:\Documents and Settings\Pete's\NMAK.exe"

O4 - HKCU\..\Run: [HJLN] "C:\Documents and Settings\Pete's\HJLN.exe"

O4 - HKCU\..\Run: [FICH] "C:\Documents and Settings\Pete's\FICH.exe"

O4 - HKCU\..\Run: [LNFN] "C:\Documents and Settings\Pete's\LNFN.exe"

O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm

O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/script/actions/related.htm

O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/script/actions/review.htm

Now close all open windows except Hijackthis and click fix checked

Then post a new Hijackthis log here in a reply.

[kohu]

Logfile of HijackThis v1.99.1

Scan saved at 3:43:50 PM, on 3/14/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\system32\Ati2evxx.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\System32\hphmon05.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Lexmark 2400 Series\lxcrmon.exe

C:\Program Files\Lexmark 2400 Series\ezprint.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\Cyb2k.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\WiFiConnector\NintendoWFCReg.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe

C:\Program Files\iTunes\iTunes.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\HJT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [updateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"

O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [C2K] C:\WINDOWS\Cyb2k.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

O4 - HKCU\..\Run: [com11N] RunDll32.exe C:\WINDOWS\system32\com11N.dll,Setup

O4 - HKCU\..\Run: [NSQU] "C:\Documents and Settings\Pete's\NSQU.exe"

O4 - Startup: PowerReg Scheduler V3.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open in New &Window (PopOops) - C:\WINDOWS\Web\PopOops.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab

O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {A954AFC3-3A26-44C2-A126-2B61C09F8FC9} (SNRecovery Control) - http://www.cybersitter.com/recovery/ocx/SerialRecovery.ocx

O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: Uno Installer (UnoInstallerService) - Unknown owner - C:\Program Files\M-Audio Uno\UnoInst.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

[therock247uk]

Open Hijackthis and click scan. Then check mark the following entries

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O4 - HKCU\..\Run: [com11N] RunDll32.exe C:\WINDOWS\system32\com11N.dll,Setup

O4 - HKCU\..\Run: [NSQU] "C:\Documents and Settings\Pete's\NSQU.exe"

Now close all open windows except Hijackthis and click fix checked

Then post a new Hijackthis log here in a reply.

[kohu]

Logfile of HijackThis v1.99.1

Scan saved at 6:31:20 PM, on 3/14/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\System32\hphmon05.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Lexmark 2400 Series\lxcrmon.exe

C:\Program Files\Lexmark 2400 Series\ezprint.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\Cyb2k.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\WiFiConnector\NintendoWFCReg.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\HJT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [updateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"

O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [C2K] C:\WINDOWS\Cyb2k.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

O4 - Startup: PowerReg Scheduler V3.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open in New &Window (PopOops) - C:\WINDOWS\Web\PopOops.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab

O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {A954AFC3-3A26-44C2-A126-2B61C09F8FC9} (SNRecovery Control) - http://www.cybersitter.com/recovery/ocx/SerialRecovery.ocx

O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: Uno Installer (UnoInstallerService) - Unknown owner - C:\Program Files\M-Audio Uno\UnoInst.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

[therock247uk]

Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.

• Close ALL OTHER PROGRAMS.
  
• Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  
• Now click the Run Scan button on the toolbar.
  
• The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
  
• When the scan is complete Notepad will open with the report file loaded in it.
  
• Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
  

Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.