Thread: Spyware message on desktop..(HJT log)
View Single Post
Old 05-21-2005, 03:46 PM   #1 (permalink)
brooksie
Registered User
 
Join Date: Dec 2004
Posts: 29
OS: XP


Spyware message on desktop..(HJT log)
Hi, got home on to my parents place this w/e and they seem to have a spyware problem, the desktop has turned black with a link saying

' WARNING!
YOU'RE IN DANGER!
ALL YOU DO WITH COMPUTER IS STORED FOREVER IN YOUR HARD DISK. WHEN YOU VISIT SITES, SEND EMAILS... ALL YOUR ACTIONS ARE LOGGED. AND IT IS IMPOSSIBLE TO REMOVE THEM WITH STANDARD TOOLS. YOUR DATA IS STILL AVAILABLE FOR FORENSICS. AND IN SOME CASES FOR YOUR BOSS, YOUR FRIENDS, YOUR WIFE, YOUR CHILDREN.
Every site you or somebody or even something, like spyware, opened in your browser, with all images, and all downloaded and maybe later removed movies or mp3 songs - ARE STILL THERE and could broke your life!
SECURE YOURSELF RIGHT NOW!
REMOVE ALL SPYWARE FROM YOUR PC!
Removal instructions



i've run adaware, search and destroy cwshredder and cleared out of a lot of crap but i'm not all very clued up on computers an can't seem to get rid of it....

also on shut down it seems to have problems closing a program called 'win min' and seems to struggle logging into some user logins.....

hijack this logfile......


Logfile of HijackThis v1.99.1
Scan saved at 22:40:21, on 05/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\PROGRA~1\SPYSPO~1\SpySpotter.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\freeserve\freeserveconnectionkit\atdialler1.exe
C:\Program Files\Kodak\Picture Easy Software\Program\PezDownload.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Chris\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w-find.com/index.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [SpySpotter] C:\PROGRA~1\SPYSPO~1\SpySpotter.exe -onreboot
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [fejbeuq] c:\windows\symtgaf.exe
O4 - HKCU\..\Run: [lyughpv] c:\windows\hdfybnj.exe
O4 - HKCU\..\Run: [gyyskwb] c:\windows\lwtjkxv.exe
O4 - HKCU\..\Run: [gccohva] c:\windows\lwtjkxv.exe
O4 - HKCU\..\Run: [jempwxj] c:\windows\lwtjkxv.exe
O4 - HKCU\..\Run: [pykrgcp] c:\windows\lwtjkxv.exe
O4 - HKCU\..\Run: [uqpkulj] c:\windows\lwtjkxv.exe
O4 - HKCU\..\Run: [txuhgut] c:\windows\lwtjkxv.exe
O4 - HKCU\..\Run: [qsojgsp] c:\windows\weqregl.exe
O4 - HKCU\..\Run: [evxkbfn] c:\windows\weqregl.exe
O4 - HKCU\..\Run: [cyxmneg] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [rfkqiga] c:\windows\xsxiqgc.exe
O4 - HKCU\..\Run: [efmetur] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [leclhue] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [thalmnt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [grgshug] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gvntqpi] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [pewstyf] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [mynyqby] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kcjssht] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [iemuhny] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [foydeak] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [bpecidq] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gbkcrkt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ljuplfg] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [nqydyjo] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [fxqyatg] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [trerqaw] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [hgjcbwn] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [uochnrn] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kcpscyv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qubmcjh] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [lipnlox] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [tpdaldh] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ecsedeh] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qtxcbfq] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [uwidcbf] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ylihyht] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [salklix] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gxhmmye] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ekrwukr] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gdniprv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gwbpnat] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [trvusxk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ombbgxc] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ejugksh] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [khnrjte] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [dswvamg] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qibamkt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [mwounbq] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [vfrvbfb] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [bdtwpfw] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [hpnvdhi] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [oipbloe] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kltmbfm] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qtglsgs] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [vygdexs] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [uouystw] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [wprttcb] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [seernhi] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [swfnbrf] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ebefdvi] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [emugxvk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kallttg] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [tedniff] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kqvvhar] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [uextbil] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [icerhhf] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [rxwccog] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [sewxyjp] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [oegvuhc] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [hsfghnt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [lxyigjy] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [djlismd] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qpfrnvk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [oqnpwpm] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [wotieea] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [telfdis] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [eppqqkk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [lmuklds] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [whjrxix] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [pvpxfod] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [tegwbax] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [mtqhdpn] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [dpmfwnf] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ohnqcph] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [xqgirls] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gfhpihu] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ekkrcte] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gbkxhbl] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [hrpcukl] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kupxysb] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gaymrpt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [eqcpcpv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [hqlfnwg] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [lefvesg] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [jmmiiiv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gsahclv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ppslfbe] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [wmctjoc] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [btqwrds] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [jfcdqjt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [jpixxqr] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [wxuidhp] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [numpxii] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [omtpgvv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [uwysxew] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [rsjjgsf] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [jxhewpe] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [srtyykh] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [pbbqyxk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [wjcjlwt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ttolxbc] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [wsfgwta] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [jdpywjd] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [yvmkoxi] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [cqyaylk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qqlpqyr] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [cblyygk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [utmohmd] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gtiufmt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [rsyismr] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [lmttiqw] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [boauixq] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [cfiyjvy] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [fpnfxsy] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kijwnlk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [lqfrygk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [aiulinc] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [govnxtc] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [nrmdthy] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ntftnox] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [fwhrjwi] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [grqomac] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [odpymtr] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [uxdqsfs] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gdigrxy] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [mdrjdyk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [taqnwur] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [iuyneve] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kcepxkh] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [lboimsx] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gjscbre] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [dupstro] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [dtswkem] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [hdpapar] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [rjdwrfd] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [oitqhsv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ngrhudq] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [gocrqje] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [nkgrnam] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [yvvgmxv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [uaecjpt] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [dfuhckw] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [lgnpnrw] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [sgwwwiv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [pyxdonm] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [syhrhxn] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [agnqpyu] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [cwnvciv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [mseohme] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [hspuugu] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [sqonwwi] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kwbdcui] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [mvknmbw] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [wuiybcl] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [unwgfbc] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [pebgxjg] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kvrvnue] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [wwmvmee] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ofpxori] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qvsoxly] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [goctqtd] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [klmxgbk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [rinhnbs] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [vfllioe] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [sibniji] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [stcjlmn] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [sddnrjl] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ocannot] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [tydfutr] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [sdfprpq] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [smmwbey] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [jvjrqoa] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [sfaepwl] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [kfdblam] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [jfhnnly] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [rvroxne] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [cvibqvc] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [exduqbk] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qgsvlun] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [chdigbq] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qsredwj] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [ixoivcj] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [etiotus] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [tsbjivw] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [feqmnrb] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qqvbxks] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [qmceswv] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [cbrymti] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [taoaipd] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [pmkfjsl] c:\windows\lhugqol.exe
O4 - HKCU\..\Run: [bstfnik] c:\windows\obeyyub.exe
O4 - HKCU\..\Run: [dteceto] c:\windows\obeyyub.exe
O4 - HKCU\..\Run: [aqcnxpd] c:\windows\obeyyub.exe
O4 - HKCU\..\Run: [oiktnuq] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [whtsbrs] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [jxayvcd] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [xkhxoyw] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [muocsmk] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [tmxjyyh] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [guqbcqi] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [paywrnp] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [lkcrroc] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [fkcgwsf] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [swdttvd] c:\windows\oklpreo.exe
O4 - HKCU\..\Run: [ikqbdem] c:\windows\epakolm.exe
O4 - HKCU\..\Run: [ymjkvms] c:\windows\epakolm.exe
O4 - HKCU\..\Run: [lnlswdw] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [phbvjxv] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [knocoqf] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [mmubhqi] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [xwcessp] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [nvniyfh] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [olomiwb] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [dqnesoo] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [munvhku] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [oapdrtg] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [skypiiq] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [wdkdolb] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [xbccncy] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [vcwnkcy] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [npxkjxg] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [govfket] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [wkltmhg] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [skmixep] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [lhfpwqm] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [jvguncv] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [wqkrqrt] c:\windows\drltrib.exe
O4 - HKCU\..\Run: [udijwbp] c:\windows\jaoeggr.exe
O4 - HKCU\..\Run: [wjnpxwl] c:\windows\jaoeggr.exe
O4 - HKCU\..\Run: [pikxqrx] c:\windows\jaoeggr.exe
O4 - HKCU\..\Run: [oakmlku] c:\windows\jaoeggr.exe
O4 - HKCU\..\Run: [ybbvfhu] c:\windows\jaoeggr.exe
O4 - HKCU\..\Run: [rlmiile] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [mesipni] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [ascwkoq] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [ejhocri] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [ljnmmqd] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [ipaymdp] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [rxqsjhh] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [tfqiixq] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [ljmyfuw] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [baijlxv] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [bfkplbs] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [guaisaj] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [iokkcmb] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [tfeanag] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [ospnruc] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [lskrsrq] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [lbnitkg] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [kldvdhc] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [yvrybpy] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [epiysap] c:\windows\rjokesl.exe
O4 - HKCU\..\Run: [rwsbmdo] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [hjpwlxv] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [yucwgur] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [dqsjxgb] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [fukxixa] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [gfknyfs] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [smrcjsg] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [xjfchuq] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [ttfikoo] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [kgxasfo] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [bgsdmgm] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [caqlyhn] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [phuoooi] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [icqfbwc] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [wlscxrr] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [hlxrvrp] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [bkhtlxq] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [ouuljpv] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [uxkdvht] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [jhchnot] c:\windows\iodoeap.exe
O4 - HKCU\..\Run: [xgssvji] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [qbfghmy] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [ruadtma] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [hknjnkj] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [vwcgsjy] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [olqroqc] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [fceagkm] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [sixhmdg] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [xdmfmel] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [wgkjmlk] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [ructxgk] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [ijibvxi] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [gmnseyu] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [eclvdaj] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [jkcwayd] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [vqlfcyj] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [nyipymy] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [ysktgum] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [etoxqoq] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [twnhtst] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [jhmaodj] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [gwmqbqk] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [grtyims] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [rnlnyek] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [ucxyrhf] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [wsmqjxt] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [jwvobpr] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [uvomryo] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [pxaimle] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [asmbgvd] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [fgueenk] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [ihpyhqb] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [vtghwjo] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [nfbchov] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [byibktf] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [xkqiatw] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [gxnyeja] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [lgcpelf] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [yutvsxu] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [elcmihm] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [sltkkko] c:\windows\mvkvtkq.exe
O4 - HKCU\..\Run: [tkufndn] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [fdxkuji] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [keobibo] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [sclouew] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [nbkpsji] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [xocahgu] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [eqquuxt] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [xkuoggg] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [iupvvja] c:\windows\jhlwmnb.exe
O4 - HKCU\..\Run: [mvqiawk] c:\windows\gckttet.exe
O4 - HKCU\..\Run: [flhuxrv] c:\windows\vqedhqv.exe
O4 - HKCU\..\Run: [pnwixwa] c:\windows\tiwwdng.exe
O4 - HKCU\..\Run: [xiayqte] c:\windows\ujthqsa.exe
O4 - HKCU\..\Run: [bagaott] c:\windows\iqgkbcm.exe
O4 - HKCU\..\Run: [trtysto] c:\windows\iciehjm.exe
O4 - HKCU\..\Run: [ielhcwv] c:\windows\tuyqjvg.exe
O4 - HKCU\..\Run: [qgsdjvm] c:\windows\ucjmatd.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: Freeserve Connection Kit.lnk = C:\freeserve\freeserveconnectionkit\atdialler1.exe
O4 - Global Startup: Kodak Picture Easy 3.1 Batch Transfer.lnk = C:\Program Files\Kodak\Picture Easy Software\Program\PezDownload.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0527.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0527.dll
O9 - Extra button: Microsoft AntiSpyware helper - {07D1A699-3C30-4403-9C57-A216A4D6110E} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {07D1A699-3C30-4403-9C57-A216A4D6110E} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
O16 - DPF: DigiChat Applet - http://host4.digichat.com/DigiChat/D.../Client_IE.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1101155868359
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://aragorn.briars.net/tsweb/msrdp.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {C56CE781-A6FC-4706-8B32-6EB4622155DF} (MediaConnect Control) - http://plugin.euro-infomedia.com/mpv0.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
brooksie is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here