• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Plane

HijackThis Results List

5 posts in this topic

Hi, could someone tell me the bad programs are?:

 

Logfile of HijackThis v1.99.1

Scan saved at 2:42:06 PM, on 7/13/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\aolavupd.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe

C:\Program Files\mcafee.com\personal firewall\MPFService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe

C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe

C:\Program Files\Common Files\AOL\1137897444\ee\AOLSoftware.exe

C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\AOLSP Scheduler.exe

C:\Program Files\mcafee.com\antivirus\oasclnt.exe

C:\Program Files\mcafee.com\antivirus\mcvsescn.exe

C:\Program Files\mcafee.com\personal firewall\MPfTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe

C:\Program Files\Burger\QPrint\QPrint.exe

C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.EXE

C:\Program Files\Common Files\AOL\1137897444\ee\SSCEvtHdlr.exe

C:\Program Files\Common Files\AOL\1137897444\ee\aolsoftware.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\Program Files\LimeWire\LimeWire.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: MSVPS System - {4118A625-1B64-4ED1-A2E9-76DEC529D2D2} - C:\WINDOWS\qnxplugin.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [TosGbWatcher] "C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137897444\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\AOLSP Scheduler.exe

O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1137897444\ee\SSCRun.exe

O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe

O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe

O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe

O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [system Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic 6\PopupBlocker.exe"

O4 - Startup: QPrint.lnk = C:\Program Files\Burger\QPrint\QPrint.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: MA111 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg.exe

O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm092YYUS

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html

O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab

O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O18 - Filter: text/html - (no CLSID) - (no file)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O21 - SSODL: msddx - {DE45C141-1E18-4AA2-8FEA-502F817B890E} - C:\WINDOWS\msddx.dll

O21 - SSODL: msqnx - {71E94C82-A0A3-411B-86E9-38CEB5B646AC} - C:\WINDOWS\msqnx.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\aolavupd.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe

O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

Share this post


Link to post
Share on other sites
Hi, could someone tell me the bad programs are?
Is this a quiz? :p

 

Do next please..

 

First of all, uninstall WinAntiSpyware 2007 as this is a so called spywareCleaner with a bad reputation, present on the blacklist.

 

Then,

 

* Download SDFix and save it to your Desktop.

 

* Double click SDFix.exe and it will extract the files to %systemdrive%

(Drive that contains the Windows Directory, typically C:\SDFix)

 

* Reboot into Safe Mode`: ( without networking support !)

°To get into the Windows Safe Mode, restart your computer and, just before Windows starts to load, tap the F8 key a few times.

Choose Safe Mode from the menu that will appear and press Enter.

  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

Share this post


Link to post
Share on other sites

OK, here's the report from SDfix:

 

 

SDFix: Version 1.91

 

Run by Jolius on Sat 07/14/2007 at 02:08 PM

 

Microsoft Windows XP [Version 5.1.2600]

 

Running From: C:\PROGRA~1\SDFix

 

Safe Mode:

Checking Services:

 

 

Restoring Windows Registry Values

Restoring Windows Default Hosts File

 

Rebooting...

 

 

Normal Mode:

Checking Files:

 

Trojan Files Found:

 

C:\Documents and Settings\Jolius\Favorites\Error Cleaner.url - Deleted

C:\Documents and Settings\Jolius\Favorites\Privacy Protector.url - Deleted

C:\Documents and Settings\Jolius\Favorites\Spyware&Malware Protection.url - Deleted

C:\Documents and Settings\Jolius\Application Data\Install.dat - Deleted

C:\WINDOWS\dat.txt - Deleted

C:\WINDOWS\msddx.dll - Deleted

C:\WINDOWS\msqnx.dll - Deleted

C:\WINDOWS\rs.txt - Deleted

 

 

 

Removing Temp Files...

 

ADS Check:

 

C:\WINDOWS

No streams found.

 

C:\WINDOWS\system32

No streams found.

 

C:\WINDOWS\system32\svchost.exe

No streams found.

 

C:\WINDOWS\system32\ntoskrnl.exe

No streams found.

 

 

 

Final Check:

 

Remaining Services:

------------------

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Disabled:hpqscnvw"

"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Disabled:iTunes"

"C:\\WINDOWS\\system32\\P2P Networking\\P2P Networking.exe"="C:\\WINDOWS\\system32\\P2P Networking\\P2P Networking.exe:*:Disabled:P2P Networking"

"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"

"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Disabled:Yahoo! FT Server"

"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Disabled:Yahoo! Messenger"

"C:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe"="C:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe:*:Disabled:Yahoo! Music Engine"

"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Disabled:æTorrent"

"C:\\Program Files\\Common Files\\AOL\\1137897444\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1137897444\\ee\\aim6.exe:*:Disabled:AIM"

"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"

"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\Opera\\Opera.exe"="C:\\Program Files\\Opera\\Opera.exe:*:Disabled:Opera Internet Browser"

"C:\\Program Files\\Burger\\QPrint\\QPrint.exe"="C:\\Program Files\\Burger\\QPrint\\QPrint.exe:*:Disabled:QPrint"

"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer"

"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Best Buy Rhapsody\\rhapsody.exe"="C:\\Program Files\\Best Buy Rhapsody\\rhapsody.exe:*:Disabled:Rhapsody Media Player"

"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"

"C:\\Program Files\\Common Files\\AOL\\1137897444\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1137897444\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"

"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Enabled:AOL TopSpeed"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

 

Remaining Files:

---------------

 

Backups Folder: - C:\PROGRA~1\SDFix\backups\backups.zip

 

Files with Hidden Attributes:

 

C:\Documents and Settings\Chris.HOME\My Documents\ZENcast\ExtremeTech.com Podcast\Cover Art\Thumbs.db

C:\Program Files\Common Files\system32.dll

C:\Program Files\eRightSoft\SUPER\cygwin1.dll

C:\Program Files\eRightSoft\SUPER\cygz.dll

C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll

C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll

C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll

C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll

C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll

C:\WINDOWS\system32\flvDX.dll

C:\WINDOWS\system32\msfDX.dll

C:\WINDOWS\system32\NTICDMK32.dll

C:\WINDOWS\system32\ntiembed.dll

C:\Program Files\America Online 9.0\aolphx.exe

C:\Program Files\America Online 9.0\aoltray.exe

C:\Program Files\America Online 9.0\RBM.exe

C:\Program Files\America Online 9.0a\AOLphx.exe

C:\Program Files\America Online 9.0a\rbm.exe

C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe

C:\Program Files\eRightSoft\SUPER\Setup.exe

C:\Documents and Settings\All Users\Application Data\OYAŽ3113>.sys

C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT100.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT102.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT103.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT105.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT106.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT108.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT10D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT110.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT111.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT112.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT113.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT115.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT116.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT119.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT120.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT121.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT123.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT124.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT125.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT126.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT127.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT128.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT130.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT132.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT133.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT135.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT136.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT137.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT138.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT139.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT140.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT141.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT143.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT144.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT145.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT146.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT147.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT148.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT149.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT150.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT152.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT153.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT154.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT155.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT157.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT158.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT159.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT161.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT162.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT163.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT165.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT166.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT167.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT168.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT169.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT170.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT171.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT172.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT173.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT174.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT175.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT176.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT177.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT178.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT179.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT180.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT181.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT182.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT183.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT184.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT185.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT186.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT187.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT188.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT189.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT190.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT191.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT192.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT193.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT194.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT195.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT196.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT197.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT198.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT199.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A1.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A2.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A4.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A5.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A6.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AA.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AC.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AD.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AE.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AF.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B1.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B2.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B3.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B4.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B5.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B6.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BA.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BB.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BC.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BD.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BE.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C1.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C2.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C3.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C5.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CA.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CB.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CC.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CD.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CE.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D1.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D2.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D3.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D4.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D5.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D6.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DA.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DB.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DC.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DD.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DE.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DF.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E1.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E2.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E4.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1ED.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1EF.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1F3.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1F8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1FC.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1FE.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1FF.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT200.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT201.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT205.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT206.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT207.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT208.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT210.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT211.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT212.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT214.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT215.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT216.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT217.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT218.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT219.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT220.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT222.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT223.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT224.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT225.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT226.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT227.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT229.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT230.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT231.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT232.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT233.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT234.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT235.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT237.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT238.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT239.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT240.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT241.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT243.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT244.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT246.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT247.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT248.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT249.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT251.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT252.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT253.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT255.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT256.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT257.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT258.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT259.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT260.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT261.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT262.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT263.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT266.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT267.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT27C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT285.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT29.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2A7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2D8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2DD.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2E9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2FE.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT303.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT31.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT31A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT31F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT32.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT346.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT361.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3A9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3AF.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3B7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3E9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3F0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT40C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT41E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT45.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT456.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT46.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT47B.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT48.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT49A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4AA.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4C4.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4CD.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4DB.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4DD.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4E0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4E3.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT51.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT52.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT56.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT59.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT5C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT61.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT62.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT6C.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT6D.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT74.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT76.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT77.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT79.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT7A.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT7E.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT80.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT82.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT86.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT90.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT93.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT96.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT99.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BIT9F.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITA1.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITA4.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITA5.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITA8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITA9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITAA.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITAC.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITB0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITB2.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITB4.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITB6.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITB7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITB9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITC0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITC1.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITC2.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITC5.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITC7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITCF.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITD5.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITD7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITD9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITDA.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITDB.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITDC.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITDD.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITDE.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITE2.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITE4.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITE7.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITE8.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITEC.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITED.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITEF.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITF0.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITF3.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITF6.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITF9.tmp

C:\Documents and Settings\Jolius\Local Settings\Temp\BITFF.tmp

 

Finished

And here the new report from HijackThis:

 

Logfile of HijackThis v1.99.1

Scan saved at 2:35:58 PM, on 7/14/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\aolavupd.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe

C:\Program Files\mcafee.com\personal firewall\MPFService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe

C:\Program Files\Microsoft Windows OneCare Live\winss.exe

C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe

C:\Program Files\Common Files\AOL\1137897444\ee\AOLSoftware.exe

C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\AOLSP Scheduler.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\mcafee.com\antivirus\mcvsescn.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\AOL\1137897444\ee\SSCEvtHdlr.exe

C:\Program Files\mcafee.com\personal firewall\MPfTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe

C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.EXE

C:\Program Files\Burger\QPrint\QPrint.exe

C:\Program Files\Common Files\AOL\1137897444\ee\aolsoftware.exe

C:\Program Files\Microsoft Office\Office\WINWORD.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe

C:\WINDOWS\system32\Defrag.exe

C:\Program Files\hijackthis\HijackThis.exe

C:\WINDOWS\system32\NOTEPAD.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [TosGbWatcher] "C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137897444\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\AOLSP Scheduler.exe

O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1137897444\ee\SSCRun.exe

O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe

O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe

O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe

O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"

O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [system Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic 6\PopupBlocker.exe"

O4 - Startup: QPrint.lnk = C:\Program Files\Burger\QPrint\QPrint.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: MA111 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg.exe

O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm092YYUS

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html

O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab

O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O18 - Filter: text/html - (no CLSID) - (no file)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\aolavupd.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe

O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

 

I think that SDfix program took care of the problem, but can someone please tell me if the any of the entries on the HijackThis report are bad? I just want to make sure there is no other malware/viruses/spyware..ect...

Edited by Plane

Share this post


Link to post
Share on other sites

Hi,

 

We're not finished yet...

 

A note first. I see you have 2 firewalls installed. McAfee Firewall and the firewall from Microsoft Windows OneCare Live.

Never install more than one firewall as they are not compatible and may cause a lot of problems.

So I suggest you uninstall the McAfee Firewall here.

 

Then, Please uninstall WinAntiSpyware 2007

 

Reboot afterwards.

 

After reboot,

 

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

 

O4 - HKLM\..\Run: [salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZJxdm092YYUS

O18 - Filter: text/html - (no CLSID) - (no file)

 

* Click on Fix Checked when finished and exit HijackThis.

Make sure your Internet Explorer is closed when you click Fix Checked!

 

Please set your system to show all files.

Click Start.

Open My Computer.

Select the Tools menu and click Folder Options.

Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.

Uncheck: Hide file extensions for known file types

Uncheck the Hide protected operating system files (recommended) option.

Click Yes to confirm.

Click OK.

 

Please hide your hidden files and folders afterwards again, when we are done with this thread and your problems are solved, because above instructions to set your system to show all files, unhide legit files and folders as well.

And I don't want you to delete them because they may look suspicious. To hide them again, just perform the above instructions in the opposite way.

 

Then navigate to and delete next file and folder:

 

C:\Program Files\Common Files\system32.dll <== file

C:\Program Files\Common Files\WinAntiSpyware 2007 <== folder

 

Post a new HijackThislog in your next reply.

Share this post


Link to post
Share on other sites

Due to the lack of feedback, this Topic is closed.

 

If you need this topic reopened for continuations of existing problems, please tell the moderating team by replying here

This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0