MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: new hijackthis log
August 24, 2019, 02:57:51 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
August 24, 2019, 02:57:51 PM

Login with username, password and session length
 
News
New  Got pics of your modded PC or want to show off your cool desktop, visit our new Show & Tell forum!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: new hijackthis log  (Read 1924 times)
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« on: October 19, 2004, 06:54:23 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version: windows xp
Problem Application Name & Version:
Problem Hardware Make & Model:
Error Messages:



Hey! I posted yesterday and you told me to update a few things and run a few programs and i did. Heres my new hijack this log. I've been getting XXX pop-ups.. mainly from megateens and teen-attack.com. I can't seem to find out why they keep coming back. I've tried everything. Thanks.

Thanks! I did everything you said. Here's my new log:

Logfile of HijackThis v1.98.2
Scan saved at 5:39:37 PM, on 10/18/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Hop\My Documents\File Library\hoppyx52\Downloaded Programs\hijackthis1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R3 - URLSearchHook: (no name) - {05FC52D4-F42E-2548-1BAB-F3608DA30F02} - C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Hop\Application Data\Mozilla\Profiles\default\o9ahh0ll.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKLM\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKLM\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKLM\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKLM\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKLM\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKLM\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKLM\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKLM\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKLM\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKLM\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKLM\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKLM\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKLM\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKLM\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKLM\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKLM\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKLM\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKLM\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKLM\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKLM\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKLM\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKLM\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKLM\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKLM\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKLM\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKLM\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKLM\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKLM\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKLM\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKLM\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKLM\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKLM\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKLM\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKLM\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKLM\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKLM\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKLM\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKLM\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKLM\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKLM\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKLM\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKLM\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKLM\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKLM\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKLM\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKLM\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKLM\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKLM\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKLM\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKLM\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKLM\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKLM\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKLM\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKLM\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKLM\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKLM\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKLM\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKLM\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKLM\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKLM\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKLM\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKLM\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKLM\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKLM\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKLM\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKLM\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKLM\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKLM\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKLM\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKLM\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKLM\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKLM\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKLM\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKLM\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [nthhntor] C:\WINDOWS\system32\nthhntor.exe
O4 - HKCU\..\Run: [s-hhs-6464] C:\WINDOWS\s-hhs-6464.exe
O4 - HKCU\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKCU\..\Run: [6432] C:\WINDOWS\6432.exe
O4 - HKCU\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKCU\..\Run: [mssyms] C:\WINDOWS\system32\mssyms.exe
O4 - HKCU\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKCU\..\Run: [3264s-ornt] C:\WINDOWS\system32\3264s-ornt.exe
O4 - HKCU\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKCU\..\Run: [s-ms] C:\WINDOWS\s-ms.exe
O4 - HKCU\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKCU\..\Run: [ntSPnt32] C:\WINDOWS\system32\ntSPnt32.exe
O4 - HKCU\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKCU\..\Run: [PE64orms] C:\WINDOWS\PE64orms.exe
O4 - HKCU\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKCU\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKCU\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKCU\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKCU\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKCU\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKCU\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKCU\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKCU\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKCU\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKCU\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKCU\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKCU\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKCU\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKCU\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKCU\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKCU\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKCU\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKCU\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKCU\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKCU\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKCU\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKCU\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKCU\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKCU\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKCU\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKCU\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKCU\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKCU\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKCU\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKCU\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKCU\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKCU\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKCU\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKCU\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKCU\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKCU\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKCU\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKCU\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKCU\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKCU\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKCU\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKCU\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKCU\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKCU\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKCU\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKCU\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKCU\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKCU\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKCU\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKCU\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKCU\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKCU\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKCU\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKCU\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKCU\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKCU\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKCU\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKCU\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKCU\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKCU\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKCU\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKCU\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKCU\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKCU\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKCU\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKCU\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKCU\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKCU\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file) (HKCU)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/20031218/akamai.info.apple.com/iTunes4/WW/win/019-0123.20031218.zes4d/iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098028127069
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

THANKS!!
Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #1 on: October 20, 2004, 02:43:37 PM »

Sorry for the delay.i haven't forgotten you just having computer problems of my own.i should be back up by tonight.
Logged

John Vickers
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« Reply #2 on: October 20, 2004, 03:49:21 PM »

its ok, I appreciate the help greatly! Just let me know what I can do to fix it. Thanks!!
Logged

 
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« Reply #3 on: October 20, 2004, 09:44:37 PM »


Logfile of HijackThis v1.98.2
Scan saved at 5:43:18 PM, on 10/20/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Hop\Local Settings\Temp\Temporary Directory 1 for hijackthis1.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R3 - URLSearchHook: (no name) - {05FC52D4-F42E-2548-1BAB-F3608DA30F02} - C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Hop\Application Data\Mozilla\Profiles\default\o9ahh0ll.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKLM\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKLM\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKLM\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKLM\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKLM\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKLM\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKLM\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKLM\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKLM\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKLM\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKLM\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKLM\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKLM\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKLM\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKLM\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKLM\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKLM\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKLM\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKLM\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKLM\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKLM\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKLM\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKLM\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKLM\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKLM\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKLM\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKLM\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKLM\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKLM\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKLM\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKLM\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKLM\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKLM\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKLM\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKLM\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKLM\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKLM\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKLM\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKLM\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKLM\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKLM\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKLM\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKLM\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKLM\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKLM\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKLM\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKLM\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKLM\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKLM\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKLM\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKLM\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKLM\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKLM\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKLM\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKLM\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKLM\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKLM\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKLM\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKLM\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKLM\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKLM\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKLM\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKLM\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKLM\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKLM\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKLM\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKLM\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKLM\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKLM\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKLM\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKLM\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKLM\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKLM\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKLM\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - HKLM\..\Run: [E0616FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\kjv.exe
O4 - HKLM\..\Run: [C06C0886] C:\DOCUME~1\Hop\LOCALS~1\Temp\di9tsllq.exe
O4 - HKLM\..\Run: [CB9F87FB] C:\DOCUME~1\Hop\LOCALS~1\Temp\nz5eodwxv.exe
O4 - HKLM\..\Run: [98AF2176] C:\DOCUME~1\Hop\LOCALS~1\Temp\5fl7.exe
O4 - HKLM\..\Run: [9B9BA283] C:\DOCUME~1\Hop\LOCALS~1\Temp\yihvzrfl3yu8.exe
O4 - HKLM\..\Run: [508DD1E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\8g4m31.exe
O4 - HKLM\..\Run: [A920D653] C:\DOCUME~1\Hop\LOCALS~1\Temp\tom1eqy4.exe
O4 - HKLM\..\Run: [DA6F8CD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\4mp0m.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [nthhntor] C:\WINDOWS\system32\nthhntor.exe
O4 - HKCU\..\Run: [s-hhs-6464] C:\WINDOWS\s-hhs-6464.exe
O4 - HKCU\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKCU\..\Run: [6432] C:\WINDOWS\6432.exe
O4 - HKCU\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKCU\..\Run: [mssyms] C:\WINDOWS\system32\mssyms.exe
O4 - HKCU\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKCU\..\Run: [3264s-ornt] C:\WINDOWS\system32\3264s-ornt.exe
O4 - HKCU\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKCU\..\Run: [s-ms] C:\WINDOWS\s-ms.exe
O4 - HKCU\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKCU\..\Run: [ntSPnt32] C:\WINDOWS\system32\ntSPnt32.exe
O4 - HKCU\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKCU\..\Run: [PE64orms] C:\WINDOWS\PE64orms.exe
O4 - HKCU\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKCU\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKCU\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKCU\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKCU\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKCU\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKCU\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKCU\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKCU\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKCU\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKCU\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKCU\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKCU\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKCU\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKCU\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKCU\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKCU\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKCU\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKCU\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKCU\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKCU\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKCU\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKCU\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKCU\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKCU\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKCU\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKCU\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKCU\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKCU\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKCU\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKCU\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKCU\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKCU\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKCU\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKCU\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKCU\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKCU\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKCU\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKCU\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKCU\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKCU\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKCU\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKCU\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKCU\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKCU\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKCU\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKCU\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKCU\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKCU\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKCU\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKCU\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKCU\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKCU\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKCU\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKCU\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKCU\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKCU\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKCU\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKCU\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKCU\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKCU\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKCU\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKCU\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKCU\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKCU\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKCU\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKCU\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKCU\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKCU\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - HKCU\..\Run: [E0616FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\kjv.exe
O4 - HKCU\..\Run: [C06C0886] C:\DOCUME~1\Hop\LOCALS~1\Temp\di9tsllq.exe
O4 - HKCU\..\Run: [CB9F87FB] C:\DOCUME~1\Hop\LOCALS~1\Temp\nz5eodwxv.exe
O4 - HKCU\..\Run: [98AF2176] C:\DOCUME~1\Hop\LOCALS~1\Temp\5fl7.exe
O4 - HKCU\..\Run: [9B9BA283] C:\DOCUME~1\Hop\LOCALS~1\Temp\yihvzrfl3yu8.exe
O4 - HKCU\..\Run: [508DD1E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\8g4m31.exe
O4 - HKCU\..\Run: [A920D653] C:\DOCUME~1\Hop\LOCALS~1\Temp\tom1eqy4.exe
O4 - HKCU\..\Run: [DA6F8CD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\4mp0m.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file) (HKCU)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/20031218/akamai.info.apple.com/iTunes4/WW/win/019-0123.20031218.zes4d/iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098028127069
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

« Last Edit: October 21, 2004, 11:19:00 PM by jvic » Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #4 on: October 20, 2004, 11:14:00 PM »

I am at work right now so am trying this with no research in front of me.See if you can find this folder and delete all the contents.If you do post a new log if not I'll reply tonight when I get homeC:\DOCUME~1\Hop\LOCALS~1\Temp

Logged

John Vickers
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« Reply #5 on: October 21, 2004, 12:17:53 AM »

ok thanks. I appreciate it!! i found the folder c:\documentsandsettings\hop\localsettings\temp and deleted most of the contents. A few of the contents, however, were unable to be deleted becuase they were in use. Heres my new log:


Logfile of HijackThis v1.98.2
Scan saved at 8:16:15 PM, on 10/20/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Documents and Settings\Hop\Local Settings\Temp\Temporary Directory 1 for hijackthis1.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R3 - URLSearchHook: (no name) - {05FC52D4-F42E-2548-1BAB-F3608DA30F02} - C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Hop\Application Data\Mozilla\Profiles\default\o9ahh0ll.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKLM\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKLM\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKLM\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKLM\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKLM\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKLM\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKLM\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKLM\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKLM\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKLM\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKLM\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKLM\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKLM\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKLM\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKLM\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKLM\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKLM\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKLM\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKLM\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKLM\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKLM\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKLM\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKLM\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKLM\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKLM\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKLM\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKLM\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKLM\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKLM\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKLM\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKLM\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKLM\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKLM\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKLM\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKLM\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKLM\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKLM\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKLM\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKLM\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKLM\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKLM\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKLM\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKLM\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKLM\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKLM\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKLM\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKLM\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKLM\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKLM\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKLM\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKLM\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKLM\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKLM\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKLM\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKLM\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKLM\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKLM\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKLM\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKLM\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKLM\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKLM\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKLM\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKLM\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKLM\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKLM\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKLM\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKLM\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKLM\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKLM\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKLM\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKLM\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKLM\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKLM\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKLM\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - HKLM\..\Run: [E0616FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\kjv.exe
O4 - HKLM\..\Run: [C06C0886] C:\DOCUME~1\Hop\LOCALS~1\Temp\di9tsllq.exe
O4 - HKLM\..\Run: [CB9F87FB] C:\DOCUME~1\Hop\LOCALS~1\Temp\nz5eodwxv.exe
O4 - HKLM\..\Run: [98AF2176] C:\DOCUME~1\Hop\LOCALS~1\Temp\5fl7.exe
O4 - HKLM\..\Run: [9B9BA283] C:\DOCUME~1\Hop\LOCALS~1\Temp\yihvzrfl3yu8.exe
O4 - HKLM\..\Run: [508DD1E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\8g4m31.exe
O4 - HKLM\..\Run: [A920D653] C:\DOCUME~1\Hop\LOCALS~1\Temp\tom1eqy4.exe
O4 - HKLM\..\Run: [DA6F8CD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\4mp0m.exe
O4 - HKLM\..\Run: [8B58486B] C:\DOCUME~1\Hop\LOCALS~1\Temp\unhzw7oa8ysm.exe
O4 - HKLM\..\Run: [FBA5F653] C:\DOCUME~1\Hop\LOCALS~1\Temp\2q6lprd.exe
O4 - HKLM\..\Run: [9B7852C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\vpgsw.exe
O4 - HKLM\..\Run: [178FF8E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\larsf3cu8t4u.exe
O4 - HKLM\..\Run: [E9764B76] C:\DOCUME~1\Hop\LOCALS~1\Temp\8t30yc.exe
O4 - HKLM\..\Run: [80F78106] C:\DOCUME~1\Hop\LOCALS~1\Temp\645rdykw.exe
O4 - HKLM\..\Run: [1C26D9CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\rqk3l6yjah.exe
O4 - HKLM\..\Run: [D07785E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\nkl.exe
O4 - HKLM\..\Run: [C8AECD4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\vdhln.exe
O4 - HKLM\..\Run: [134FD84E] C:\DOCUME~1\Hop\LOCALS~1\Temp\1s4ae.exe
O4 - HKLM\..\Run: [D0B31C76] C:\DOCUME~1\Hop\LOCALS~1\Temp\zdo0.exe
O4 - HKLM\..\Run: [91F12503] C:\DOCUME~1\Hop\LOCALS~1\Temp\33dhip3.exe
O4 - HKLM\..\Run: [E29425CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\whq32bv4lqx5.exe
O4 - HKLM\..\Run: [F5C2AF4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\xgbq6z9xmcd.exe
O4 - HKLM\..\Run: [080144EE] C:\DOCUME~1\Hop\LOCALS~1\Temp\rzi.exe
O4 - HKLM\..\Run: [F004F8FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\cmxr.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [nthhntor] C:\WINDOWS\system32\nthhntor.exe
O4 - HKCU\..\Run: [s-hhs-6464] C:\WINDOWS\s-hhs-6464.exe
O4 - HKCU\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKCU\..\Run: [6432] C:\WINDOWS\6432.exe
O4 - HKCU\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKCU\..\Run: [mssyms] C:\WINDOWS\system32\mssyms.exe
O4 - HKCU\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKCU\..\Run: [3264s-ornt] C:\WINDOWS\system32\3264s-ornt.exe
O4 - HKCU\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKCU\..\Run: [s-ms] C:\WINDOWS\s-ms.exe
O4 - HKCU\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKCU\..\Run: [ntSPnt32] C:\WINDOWS\system32\ntSPnt32.exe
O4 - HKCU\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKCU\..\Run: [PE64orms] C:\WINDOWS\PE64orms.exe
O4 - HKCU\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKCU\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKCU\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKCU\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKCU\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKCU\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKCU\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKCU\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKCU\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKCU\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKCU\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKCU\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKCU\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKCU\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKCU\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKCU\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKCU\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKCU\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKCU\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKCU\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKCU\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKCU\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKCU\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKCU\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKCU\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKCU\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKCU\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKCU\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKCU\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKCU\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKCU\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKCU\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKCU\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKCU\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKCU\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKCU\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKCU\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKCU\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKCU\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKCU\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKCU\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKCU\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKCU\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKCU\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKCU\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKCU\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKCU\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKCU\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKCU\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKCU\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKCU\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKCU\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKCU\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKCU\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKCU\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKCU\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKCU\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKCU\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKCU\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKCU\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKCU\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKCU\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKCU\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKCU\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKCU\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKCU\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKCU\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKCU\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKCU\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - HKCU\..\Run: [E0616FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\kjv.exe
O4 - HKCU\..\Run: [C06C0886] C:\DOCUME~1\Hop\LOCALS~1\Temp\di9tsllq.exe
O4 - HKCU\..\Run: [CB9F87FB] C:\DOCUME~1\Hop\LOCALS~1\Temp\nz5eodwxv.exe
O4 - HKCU\..\Run: [98AF2176] C:\DOCUME~1\Hop\LOCALS~1\Temp\5fl7.exe
O4 - HKCU\..\Run: [9B9BA283] C:\DOCUME~1\Hop\LOCALS~1\Temp\yihvzrfl3yu8.exe
O4 - HKCU\..\Run: [508DD1E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\8g4m31.exe
O4 - HKCU\..\Run: [A920D653] C:\DOCUME~1\Hop\LOCALS~1\Temp\tom1eqy4.exe
O4 - HKCU\..\Run: [DA6F8CD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\4mp0m.exe
O4 - HKCU\..\Run: [8B58486B] C:\DOCUME~1\Hop\LOCALS~1\Temp\unhzw7oa8ysm.exe
O4 - HKCU\..\Run: [FBA5F653] C:\DOCUME~1\Hop\LOCALS~1\Temp\2q6lprd.exe
O4 - HKCU\..\Run: [9B7852C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\vpgsw.exe
O4 - HKCU\..\Run: [178FF8E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\larsf3cu8t4u.exe
O4 - HKCU\..\Run: [E9764B76] C:\DOCUME~1\Hop\LOCALS~1\Temp\8t30yc.exe
O4 - HKCU\..\Run: [80F78106] C:\DOCUME~1\Hop\LOCALS~1\Temp\645rdykw.exe
O4 - HKCU\..\Run: [1C26D9CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\rqk3l6yjah.exe
O4 - HKCU\..\Run: [D07785E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\nkl.exe
O4 - HKCU\..\Run: [C8AECD4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\vdhln.exe
O4 - HKCU\..\Run: [134FD84E] C:\DOCUME~1\Hop\LOCALS~1\Temp\1s4ae.exe
O4 - HKCU\..\Run: [D0B31C76] C:\DOCUME~1\Hop\LOCALS~1\Temp\zdo0.exe
O4 - HKCU\..\Run: [91F12503] C:\DOCUME~1\Hop\LOCALS~1\Temp\33dhip3.exe
O4 - HKCU\..\Run: [E29425CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\whq32bv4lqx5.exe
O4 - HKCU\..\Run: [F5C2AF4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\xgbq6z9xmcd.exe
O4 - HKCU\..\Run: [080144EE] C:\DOCUME~1\Hop\LOCALS~1\Temp\rzi.exe
O4 - HKCU\..\Run: [F004F8FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\cmxr.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file) (HKCU)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/20031218/akamai.info.apple.com/iTunes4/WW/win/019-0123.20031218.zes4d/iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098028127069
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

i see all the stuff in that folder you told me to delete, so i guess I didn't delete the right one.. Ill look some more, but I dont think I can find it. THanks!
Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #6 on: October 21, 2004, 01:09:10 AM »

Well after 11 when i get to my own computer we'll get you fixed up
Logged

John Vickers
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« Reply #7 on: October 21, 2004, 03:31:42 AM »

ok, thanks. I appreciate it
Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #8 on: October 21, 2004, 11:20:06 AM »

You have an absolutely stupefying amount of malware...

For starters, I want you to run online virus scans at Run An Online Virus Scan At Trendmicro!!!

Remove anything it finds and write down any files it says are uncleanable
(Write down the name and path)



When done, download the latest version of Ad-Aware SE Personal at http://www.lavasoftusa.com/support/download/

After installing AAW, and before running it, you NEED to FIRST update the program:
Launch Ad-Aware, and click "Check for Updates" above the start button; you'll be prompted to download and install the latest Reference File.

Now press Start > Next to let Ad-aware scan your drives...
It will find a number of "bad" files and registry keys.
Press Next, right-click in that Results pane and choose "select all"

Now press "Next" again.
It will ask you whether you'd like to remove all checked items. Click OK.

Finally, close Ad-Aware, and reboot.

Go to start>settings>control panel>add and remove programs and uninstall
Viewpoint
P2P Networking
Run hijack this and put a check beside the following:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R3 - URLSearchHook: (no name) - {05FC52D4-F42E-2548-1BAB-F3608DA30F02} - C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKLM\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKLM\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKLM\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKLM\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKLM\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKLM\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKLM\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKLM\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKLM\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKLM\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKLM\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKLM\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKLM\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKLM\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKLM\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKLM\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKLM\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKLM\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKLM\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKLM\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKLM\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKLM\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKLM\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKLM\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKLM\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKLM\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKLM\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKLM\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKLM\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKLM\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKLM\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKLM\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKLM\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKLM\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKLM\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKLM\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKLM\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKLM\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKLM\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKLM\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKLM\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKLM\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKLM\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKLM\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKLM\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKLM\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKLM\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKLM\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKLM\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKLM\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKLM\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKLM\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKLM\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKLM\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKLM\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKLM\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKLM\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKLM\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKLM\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKLM\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKLM\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKLM\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKLM\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKLM\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKLM\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKLM\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKLM\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKLM\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKLM\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKLM\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKLM\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKLM\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKLM\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKLM\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - HKLM\..\Run: [E0616FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\kjv.exe
O4 - HKLM\..\Run: [C06C0886] C:\DOCUME~1\Hop\LOCALS~1\Temp\di9tsllq.exe
O4 - HKLM\..\Run: [CB9F87FB] C:\DOCUME~1\Hop\LOCALS~1\Temp\nz5eodwxv.exe
O4 - HKLM\..\Run: [98AF2176] C:\DOCUME~1\Hop\LOCALS~1\Temp\5fl7.exe
O4 - HKLM\..\Run: [9B9BA283] C:\DOCUME~1\Hop\LOCALS~1\Temp\yihvzrfl3yu8.exe
O4 - HKLM\..\Run: [508DD1E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\8g4m31.exe
O4 - HKLM\..\Run: [A920D653] C:\DOCUME~1\Hop\LOCALS~1\Temp\tom1eqy4.exe
O4 - HKLM\..\Run: [DA6F8CD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\4mp0m.exe
O4 - HKLM\..\Run: [8B58486B] C:\DOCUME~1\Hop\LOCALS~1\Temp\unhzw7oa8ysm.exe
O4 - HKLM\..\Run: [FBA5F653] C:\DOCUME~1\Hop\LOCALS~1\Temp\2q6lprd.exe
O4 - HKLM\..\Run: [9B7852C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\vpgsw.exe
O4 - HKLM\..\Run: [178FF8E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\larsf3cu8t4u.exe
O4 - HKLM\..\Run: [E9764B76] C:\DOCUME~1\Hop\LOCALS~1\Temp\8t30yc.exe
O4 - HKLM\..\Run: [80F78106] C:\DOCUME~1\Hop\LOCALS~1\Temp\645rdykw.exe
O4 - HKLM\..\Run: [1C26D9CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\rqk3l6yjah.exe
O4 - HKLM\..\Run: [D07785E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\nkl.exe
O4 - HKLM\..\Run: [C8AECD4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\vdhln.exe
O4 - HKLM\..\Run: [134FD84E] C:\DOCUME~1\Hop\LOCALS~1\Temp\1s4ae.exe
O4 - HKLM\..\Run: [D0B31C76] C:\DOCUME~1\Hop\LOCALS~1\Temp\zdo0.exe
O4 - HKLM\..\Run: [91F12503] C:\DOCUME~1\Hop\LOCALS~1\Temp\33dhip3.exe
O4 - HKLM\..\Run: [E29425CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\whq32bv4lqx5.exe
O4 - HKLM\..\Run: [F5C2AF4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\xgbq6z9xmcd.exe
O4 - HKLM\..\Run: [080144EE] C:\DOCUME~1\Hop\LOCALS~1\Temp\rzi.exe
O4 - HKLM\..\Run: [F004F8FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\cmxr.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [nthhntor] C:\WINDOWS\system32\nthhntor.exe
O4 - HKCU\..\Run: [s-hhs-6464] C:\WINDOWS\s-hhs-6464.exe
O4 - HKCU\..\Run: [B9EAFE5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\5nx2gvzh85g.exe
O4 - HKCU\..\Run: [6432] C:\WINDOWS\6432.exe
O4 - HKCU\..\Run: [8866BD6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\pzuw.exe
O4 - HKCU\..\Run: [mssyms] C:\WINDOWS\system32\mssyms.exe
O4 - HKCU\..\Run: [4851BA6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\bx3i.exe
O4 - HKCU\..\Run: [3264s-ornt] C:\WINDOWS\system32\3264s-ornt.exe
O4 - HKCU\..\Run: [D9203A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\1fxgzlrx.exe
O4 - HKCU\..\Run: [s-ms] C:\WINDOWS\s-ms.exe
O4 - HKCU\..\Run: [AD23155E] C:\DOCUME~1\Hop\LOCALS~1\Temp\tanepkz0nryf.exe
O4 - HKCU\..\Run: [ntSPnt32] C:\WINDOWS\system32\ntSPnt32.exe
O4 - HKCU\..\Run: [82D264F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\4jwmel55g5.exe
O4 - HKCU\..\Run: [PE64orms] C:\WINDOWS\PE64orms.exe
O4 - HKCU\..\Run: [FB196B4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\m4800931k.exe
O4 - HKCU\..\Run: [9B9742CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\58aa5dlgg1ma.exe
O4 - HKCU\..\Run: [889654D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\6njbkd31.exe
O4 - HKCU\..\Run: [989FBA56] C:\DOCUME~1\Hop\LOCALS~1\Temp\yl1a64li78.exe
O4 - HKCU\..\Run: [AF9C8A66] C:\DOCUME~1\Hop\LOCALS~1\Temp\ni2m7vsa4.exe
O4 - HKCU\..\Run: [9E381653] C:\DOCUME~1\Hop\LOCALS~1\Temp\h29b1s7l30v.exe
O4 - HKCU\..\Run: [8428DED6] C:\DOCUME~1\Hop\LOCALS~1\Temp\lir1j20b4hcx.exe
O4 - HKCU\..\Run: [D812C776] C:\DOCUME~1\Hop\LOCALS~1\Temp\s0o9p1fvcc.exe
O4 - HKCU\..\Run: [F88648FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\omj3.exe
O4 - HKCU\..\Run: [40D6D266] C:\DOCUME~1\Hop\LOCALS~1\Temp\bk3f3jruh9m.exe
O4 - HKCU\..\Run: [B0DF1286] C:\DOCUME~1\Hop\LOCALS~1\Temp\hlt9xroxiebi.exe
O4 - HKCU\..\Run: [C982C1D6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wll7plu3.exe
O4 - HKCU\..\Run: [808CE2CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\sfmpr1h33ujn.exe
O4 - HKCU\..\Run: [A933174E] C:\DOCUME~1\Hop\LOCALS~1\Temp\523kh.exe
O4 - HKCU\..\Run: [A8ED045E] C:\DOCUME~1\Hop\LOCALS~1\Temp\d7yrq0ub.exe
O4 - HKCU\..\Run: [D89B4EEE] C:\DOCUME~1\Hop\LOCALS~1\Temp\5kgj96oko.exe
O4 - HKCU\..\Run: [8AFA8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\uqzlnd.exe
O4 - HKCU\..\Run: [80778073] C:\DOCUME~1\Hop\LOCALS~1\Temp\0kp.exe
O4 - HKCU\..\Run: [4A88BA5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\dcmpblp40mci.exe
O4 - HKCU\..\Run: [883655D3] C:\DOCUME~1\Hop\LOCALS~1\Temp\bfps1lyd24.exe
O4 - HKCU\..\Run: [926E5056] C:\DOCUME~1\Hop\LOCALS~1\Temp\atmoy3gct.exe
O4 - HKCU\..\Run: [F183708B] C:\DOCUME~1\Hop\LOCALS~1\Temp\55ok4tzgy.exe
O4 - HKCU\..\Run: [DD2C39C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\n8zp1y3k2rr.exe
O4 - HKCU\..\Run: [E7790E4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\hw33x.exe
O4 - HKCU\..\Run: [D79979CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\xpjfm.exe
O4 - HKCU\..\Run: [D02E0F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\03qeqbqjveu.exe
O4 - HKCU\..\Run: [D1B8BE6E] C:\DOCUME~1\Hop\LOCALS~1\Temp\8utu0965ldx.exe
O4 - HKCU\..\Run: [AD88FE6B] C:\DOCUME~1\Hop\LOCALS~1\Temp\fs1dzan7fx8.exe
O4 - HKCU\..\Run: [D36338DB] C:\DOCUME~1\Hop\LOCALS~1\Temp\09jgzmdb.exe
O4 - HKCU\..\Run: [AAADE5E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\60uqpl8i8nic.exe
O4 - HKCU\..\Run: [9064565B] C:\DOCUME~1\Hop\LOCALS~1\Temp\c344.exe
O4 - HKCU\..\Run: [400EC44E] C:\DOCUME~1\Hop\LOCALS~1\Temp\7v4le.exe
O4 - HKCU\..\Run: [B8C779E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xwa9.exe
O4 - HKCU\..\Run: [D84E8F63] C:\DOCUME~1\Hop\LOCALS~1\Temp\691g.exe
O4 - HKCU\..\Run: [AB8F09F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\ya3ztj.exe
O4 - HKCU\..\Run: [442994C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\yjddx.exe
O4 - HKCU\..\Run: [F8D98903] C:\DOCUME~1\Hop\LOCALS~1\Temp\reae86spx.exe
O4 - HKCU\..\Run: [9A1645E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b0tcytk6.exe
O4 - HKCU\..\Run: [E3F85E56] C:\DOCUME~1\Hop\LOCALS~1\Temp\h9nzf9cgrpg.exe
O4 - HKCU\..\Run: [A358FC8E] C:\DOCUME~1\Hop\LOCALS~1\Temp\6as6qw73.exe
O4 - HKCU\..\Run: [A33786E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\osa.exe
O4 - HKCU\..\Run: [CEAC7CE6] C:\DOCUME~1\Hop\LOCALS~1\Temp\wi2nui8sz.exe
O4 - HKCU\..\Run: [F3224076] C:\DOCUME~1\Hop\LOCALS~1\Temp\51q.exe
O4 - HKCU\..\Run: [A232E656] C:\DOCUME~1\Hop\LOCALS~1\Temp\jscap8q.exe
O4 - HKCU\..\Run: [876F9743] C:\DOCUME~1\Hop\LOCALS~1\Temp\haept.exe
O4 - HKCU\..\Run: [AA70F9FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\ym3dtquqquvi.exe
O4 - HKCU\..\Run: [8039A0CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\r4bamchx4em.exe
O4 - HKCU\..\Run: [ECE6126B] C:\DOCUME~1\Hop\LOCALS~1\Temp\swom13o2qb1.exe
O4 - HKCU\..\Run: [A8AE39E3] C:\DOCUME~1\Hop\LOCALS~1\Temp\7sm9.exe
O4 - HKCU\..\Run: [B90004C6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xdxa3ivzrd.exe
O4 - HKCU\..\Run: [B84C7E5E] C:\DOCUME~1\Hop\LOCALS~1\Temp\27r3.exe
O4 - HKCU\..\Run: [87627D63] C:\DOCUME~1\Hop\LOCALS~1\Temp\ss24748x2f0.exe
O4 - HKCU\..\Run: [AC7A9FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\0gn9nu8imt.exe
O4 - HKCU\..\Run: [EB59AF7E] C:\DOCUME~1\Hop\LOCALS~1\Temp\la28lp.exe
O4 - HKCU\..\Run: [E09AFE5B] C:\DOCUME~1\Hop\LOCALS~1\Temp\01kt.exe
O4 - HKCU\..\Run: [89A6FAF6] C:\DOCUME~1\Hop\LOCALS~1\Temp\geov5ldsez1j.exe
O4 - HKCU\..\Run: [E87AC463] C:\DOCUME~1\Hop\LOCALS~1\Temp\4qwa.exe
O4 - HKCU\..\Run: [EA8CA25E] C:\DOCUME~1\Hop\LOCALS~1\Temp\82pv8hmsp.exe
O4 - HKCU\..\Run: [EF0D05EB] C:\DOCUME~1\Hop\LOCALS~1\Temp\yh2nj6upl79.exe
O4 - HKCU\..\Run: [9F0F3B53] C:\DOCUME~1\Hop\LOCALS~1\Temp\ctlwt6b60.exe
O4 - HKCU\..\Run: [E87390E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\xu7c.exe
O4 - HKCU\..\Run: [90DB906B] C:\DOCUME~1\Hop\LOCALS~1\Temp\27qvnp.exe
O4 - HKCU\..\Run: [C940B90E] C:\DOCUME~1\Hop\LOCALS~1\Temp\euauccq.exe
O4 - HKCU\..\Run: [A1ACDDD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\vxtsph91uy7p.exe
O4 - HKCU\..\Run: [8B82547E] C:\DOCUME~1\Hop\LOCALS~1\Temp\r5xr4sknjq2t.exe
O4 - HKCU\..\Run: [CAAE70CB] C:\DOCUME~1\Hop\LOCALS~1\Temp\lc7l0.exe
O4 - HKCU\..\Run: [D9A5AADB] C:\DOCUME~1\Hop\LOCALS~1\Temp\66lky1o1uh5.exe
O4 - HKCU\..\Run: [DCC47F56] C:\DOCUME~1\Hop\LOCALS~1\Temp\4hknv8e.exe
O4 - HKCU\..\Run: [A13A8263] C:\DOCUME~1\Hop\LOCALS~1\Temp\tuzn6l.exe
O4 - HKCU\..\Run: [E0616FE3] C:\DOCUME~1\Hop\LOCALS~1\Temp\kjv.exe
O4 - HKCU\..\Run: [C06C0886] C:\DOCUME~1\Hop\LOCALS~1\Temp\di9tsllq.exe
O4 - HKCU\..\Run: [CB9F87FB] C:\DOCUME~1\Hop\LOCALS~1\Temp\nz5eodwxv.exe
O4 - HKCU\..\Run: [98AF2176] C:\DOCUME~1\Hop\LOCALS~1\Temp\5fl7.exe
O4 - HKCU\..\Run: [9B9BA283] C:\DOCUME~1\Hop\LOCALS~1\Temp\yihvzrfl3yu8.exe
O4 - HKCU\..\Run: [508DD1E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\8g4m31.exe
O4 - HKCU\..\Run: [A920D653] C:\DOCUME~1\Hop\LOCALS~1\Temp\tom1eqy4.exe
O4 - HKCU\..\Run: [DA6F8CD6] C:\DOCUME~1\Hop\LOCALS~1\Temp\4mp0m.exe
O4 - HKCU\..\Run: [8B58486B] C:\DOCUME~1\Hop\LOCALS~1\Temp\unhzw7oa8ysm.exe
O4 - HKCU\..\Run: [FBA5F653] C:\DOCUME~1\Hop\LOCALS~1\Temp\2q6lprd.exe
O4 - HKCU\..\Run: [9B7852C3] C:\DOCUME~1\Hop\LOCALS~1\Temp\vpgsw.exe
O4 - HKCU\..\Run: [178FF8E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\larsf3cu8t4u.exe
O4 - HKCU\..\Run: [E9764B76] C:\DOCUME~1\Hop\LOCALS~1\Temp\8t30yc.exe
O4 - HKCU\..\Run: [80F78106] C:\DOCUME~1\Hop\LOCALS~1\Temp\645rdykw.exe
O4 - HKCU\..\Run: [1C26D9CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\rqk3l6yjah.exe
O4 - HKCU\..\Run: [D07785E6] C:\DOCUME~1\Hop\LOCALS~1\Temp\nkl.exe
O4 - HKCU\..\Run: [C8AECD4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\vdhln.exe
O4 - HKCU\..\Run: [134FD84E] C:\DOCUME~1\Hop\LOCALS~1\Temp\1s4ae.exe
O4 - HKCU\..\Run: [D0B31C76] C:\DOCUME~1\Hop\LOCALS~1\Temp\zdo0.exe
O4 - HKCU\..\Run: [91F12503] C:\DOCUME~1\Hop\LOCALS~1\Temp\33dhip3.exe
O4 - HKCU\..\Run: [E29425CE] C:\DOCUME~1\Hop\LOCALS~1\Temp\whq32bv4lqx5.exe
O4 - HKCU\..\Run: [F5C2AF4E] C:\DOCUME~1\Hop\LOCALS~1\Temp\xgbq6z9xmcd.exe
O4 - HKCU\..\Run: [080144EE] C:\DOCUME~1\Hop\LOCALS~1\Temp\rzi.exe
O4 - HKCU\..\Run: [F004F8FE] C:\DOCUME~1\Hop\LOCALS~1\Temp\cmxr.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {237AA178-C3BC-4f67-A8BB-D8BC14BA0B89} - (no file) (HKCU)
O9 - Extra button: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Corel Network monitor worker - {8D3979C2-AD64-43BE-9967-3C6E3D8F7B35} - (no file) (HKCU)

Boot into safe mode making sure you can see hidden files and folders


How To Boot Into SafeMode

How To Show Hidden Files And Folders

* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Click Yes to confirm.
* Click OK.

Delete:

C:\WINDOWS\System32\P2P Networking
C:\Program Files\Viewpoint\Viewpoint Manager

Run hijack this and post a new log

There will be more to do!












« Last Edit: October 21, 2004, 11:45:23 AM by jvic » Logged

John Vickers
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« Reply #9 on: October 21, 2004, 06:31:06 PM »

Ok, I did it all. It took the better part of two hours. The online scan found 56 items that could not be cleaned, I wrote them all down, including the path. THe viruses were JAVA_BYTEVER A-1, JAVA BYTEVER A, TROJ MULTIDROP Z, TROJ SMALL II, TROJ p*rnDIAL.BP, TROJ COLLECTOR A, TROJ SMALL DO, BKDR_MAGICON A, TROJ RALEKA A, and TROJ MOJIAL A. When I also uninstalled the programs you told me to and when I rebooted in safe mode they were not there. I still deleted the whole viewpoint folder just to be safe. Heres my new log:

Logfile of HijackThis v1.98.2
Scan saved at 2:27:27 PM, on 10/21/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Documents and Settings\Hop\Local Settings\Temp\Temporary Directory 2 for hijackthis1.zip\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Hop\Application Data\Mozilla\Profiles\default\o9ahh0ll.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AED9C7F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b9k7jt.exe
O4 - HKLM\..\Run: [AB1D0956] C:\DOCUME~1\Hop\LOCALS~1\Temp\agsoo.exe
O4 - HKLM\..\Run: [FA38D576] C:\DOCUME~1\Hop\LOCALS~1\Temp\14xtqxwu.exe
O4 - HKLM\..\Run: [AA49BE8B] C:\DOCUME~1\Hop\LOCALS~1\Temp\035m6xbfc4fw.exe
O4 - HKLM\..\Run: [FD44206B] C:\DOCUME~1\Hop\LOCALS~1\Temp\nsekgwfe8a.exe
O4 - HKLM\..\Run: [D104144E] C:\DOCUME~1\Hop\LOCALS~1\Temp\pogmph7vs.exe
O4 - HKLM\..\Run: [933780F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\63s.exe
O4 - HKLM\..\Run: [9B297DDE] C:\DOCUME~1\Hop\LOCALS~1\Temp\2jw447j.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [AED9C7F3] C:\DOCUME~1\Hop\LOCALS~1\Temp\b9k7jt.exe
O4 - HKCU\..\Run: [AB1D0956] C:\DOCUME~1\Hop\LOCALS~1\Temp\agsoo.exe
O4 - HKCU\..\Run: [FA38D576] C:\DOCUME~1\Hop\LOCALS~1\Temp\14xtqxwu.exe
O4 - HKCU\..\Run: [AA49BE8B] C:\DOCUME~1\Hop\LOCALS~1\Temp\035m6xbfc4fw.exe
O4 - HKCU\..\Run: [FD44206B] C:\DOCUME~1\Hop\LOCALS~1\Temp\nsekgwfe8a.exe
O4 - HKCU\..\Run: [D104144E] C:\DOCUME~1\Hop\LOCALS~1\Temp\pogmph7vs.exe
O4 - HKCU\..\Run: [933780F6] C:\DOCUME~1\Hop\LOCALS~1\Temp\63s.exe
O4 - HKCU\..\Run: [9B297DDE] C:\DOCUME~1\Hop\LOCALS~1\Temp\2jw447j.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dll
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/20031218/akamai.info.apple.com/iTunes4/WW/win/019-0123.20031218.zes4d/iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098028127069
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab


Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #10 on: October 21, 2004, 11:08:11 PM »

Ok we got rid of a bunch but still a lot more to go.When I get home from work I will check your log and post back.
Logged

John Vickers
HoptheTerp
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 10


Bookmark and Share

View Profile
« Reply #11 on: October 21, 2004, 11:12:19 PM »

ok, thanks so much!! I havent gotten that p*rn pop up since I cleaned up the last stuff.. so it seems to have worked!! let me know what else I can do to clean this machine up. Thanks!!!
Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page June 07, 2017, 12:10:00 AM