Jump to content


Photo

HijackThis Results List


  • This topic is locked This topic is locked
4 replies to this topic

#1 Plane

Plane

    Member

  • Full Member
  • Pip
  • 3 posts

Posted 13 July 2007 - 05:51 PM

Hi, could someone tell me the bad programs are?:

Logfile of HijackThis v1.99.1
Scan saved at 2:42:06 PM, on 7/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\aolavupd.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe
C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe
C:\Program Files\Common Files\AOL\1137897444\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\AOLSP Scheduler.exe
C:\Program Files\mcafee.com\antivirus\oasclnt.exe
C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Burger\QPrint\QPrint.exe
C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.EXE
C:\Program Files\Common Files\AOL\1137897444\ee\SSCEvtHdlr.exe
C:\Program Files\Common Files\AOL\1137897444\ee\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSVPS System - {4118A625-1B64-4ED1-A2E9-76DEC529D2D2} - C:\WINDOWS\qnxplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TosGbWatcher] "C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137897444\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1137897444\ee\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic 6\PopupBlocker.exe"
O4 - Startup: QPrint.lnk = C:\Program Files\Burger\QPrint\QPrint.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: MA111 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZJxdm092YYUS
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....026/CTSUEng.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: msddx - {DE45C141-1E18-4AA2-8FEA-502F817B890E} - C:\WINDOWS\msddx.dll
O21 - SSODL: msqnx - {71E94C82-A0A3-411B-86E9-38CEB5B646AC} - C:\WINDOWS\msqnx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\aolavupd.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

#2 miekiemoes

miekiemoes

    Malware Expert

  • Global Moderator
  • PipPipPipPipPip
  • 20,026 posts

Posted 13 July 2007 - 06:12 PM

Hi, could someone tell me the bad programs are?

Is this a quiz? :p

Do next please..

First of all, uninstall WinAntiSpyware 2007 as this is a so called spywareCleaner with a bad reputation, present on the blacklist.

Then,

* Download SDFix and save it to your Desktop.

* Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

* Reboot into Safe Mode`: ( without networking support !)
°To get into the Windows Safe Mode, restart your computer and, just before Windows starts to load, tap the F8 key a few times.
Choose Safe Mode from the menu that will appear and press Enter.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#3 Plane

Plane

    Member

  • Full Member
  • Pip
  • 3 posts

Posted 14 July 2007 - 03:41 PM

OK, here's the report from SDfix:


SDFix: Version 1.91

Run by Jolius on Sat 07/14/2007 at 02:08 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\PROGRA~1\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\Documents and Settings\Jolius\Favorites\Error Cleaner.url - Deleted
C:\Documents and Settings\Jolius\Favorites\Privacy Protector.url - Deleted
C:\Documents and Settings\Jolius\Favorites\Spyware&Malware Protection.url - Deleted
C:\Documents and Settings\Jolius\Application Data\Install.dat - Deleted
C:\WINDOWS\dat.txt - Deleted
C:\WINDOWS\msddx.dll - Deleted
C:\WINDOWS\msqnx.dll - Deleted
C:\WINDOWS\rs.txt - Deleted



Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Disabled:hpqscnvw"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Disabled:iTunes"
"C:\\WINDOWS\\system32\\P2P Networking\\P2P Networking.exe"="C:\\WINDOWS\\system32\\P2P Networking\\P2P Networking.exe:*:Disabled:P2P Networking"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Disabled:Yahoo! FT Server"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Disabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe"="C:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe:*:Disabled:Yahoo! Music Engine"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Disabled:ęTorrent"
"C:\\Program Files\\Common Files\\AOL\\1137897444\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1137897444\\ee\\aim6.exe:*:Disabled:AIM"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Opera\\Opera.exe"="C:\\Program Files\\Opera\\Opera.exe:*:Disabled:Opera Internet Browser"
"C:\\Program Files\\Burger\\QPrint\\QPrint.exe"="C:\\Program Files\\Burger\\QPrint\\QPrint.exe:*:Disabled:QPrint"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Best Buy Rhapsody\\rhapsody.exe"="C:\\Program Files\\Best Buy Rhapsody\\rhapsody.exe:*:Disabled:Rhapsody Media Player"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1137897444\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1137897444\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Enabled:AOL TopSpeed"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files:
---------------

Backups Folder: - C:\PROGRA~1\SDFix\backups\backups.zip

Files with Hidden Attributes:

C:\Documents and Settings\Chris.HOME\My Documents\ZENcast\ExtremeTech.com Podcast\Cover Art\Thumbs.db
C:\Program Files\Common Files\system32.dll
C:\Program Files\eRightSoft\SUPER\cygwin1.dll
C:\Program Files\eRightSoft\SUPER\cygz.dll
C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll
C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll
C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll
C:\WINDOWS\system32\flvDX.dll
C:\WINDOWS\system32\msfDX.dll
C:\WINDOWS\system32\NTICDMK32.dll
C:\WINDOWS\system32\ntiembed.dll
C:\Program Files\America Online 9.0\aolphx.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\America Online 9.0\RBM.exe
C:\Program Files\America Online 9.0a\AOLphx.exe
C:\Program Files\America Online 9.0a\rbm.exe
C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe
C:\Program Files\eRightSoft\SUPER\Setup.exe
C:\Documents and Settings\All Users\Application Data\OYAŽ3113>.sys
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT100.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT102.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT103.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT105.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT106.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT108.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT10D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT110.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT111.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT112.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT113.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT115.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT116.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT119.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT11F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT120.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT121.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT123.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT124.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT125.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT126.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT127.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT128.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT12F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT130.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT132.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT133.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT135.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT136.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT137.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT138.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT139.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT13F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT140.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT141.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT143.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT144.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT145.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT146.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT147.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT148.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT149.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT14F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT150.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT152.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT153.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT154.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT155.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT157.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT158.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT159.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT15F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT161.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT162.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT163.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT165.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT166.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT167.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT168.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT169.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT16F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT170.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT171.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT172.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT173.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT174.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT175.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT176.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT177.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT178.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT179.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT17F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT180.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT181.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT182.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT183.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT184.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT185.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT186.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT187.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT188.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT189.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT18F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT190.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT191.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT192.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT193.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT194.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT195.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT196.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT197.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT198.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT199.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT19F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A1.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A2.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A4.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A5.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A6.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1A9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AA.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AC.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AD.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AE.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1AF.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B1.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B2.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B3.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B4.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B5.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B6.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1B9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BA.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BB.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BC.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BD.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1BE.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C1.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C2.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C3.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C5.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1C9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CA.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CB.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CC.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CD.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1CE.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D1.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D2.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D3.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D4.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D5.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D6.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1D8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DA.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DB.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DC.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DD.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DE.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1DF.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E1.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E2.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E4.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1E8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1ED.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1EF.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1F3.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1F8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1FC.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1FE.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT1FF.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT200.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT201.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT205.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT206.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT207.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT208.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT20F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT210.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT211.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT212.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT214.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT215.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT216.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT217.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT218.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT219.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT21F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT220.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT222.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT223.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT224.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT225.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT226.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT227.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT229.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT22E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT230.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT231.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT232.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT233.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT234.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT235.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT237.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT238.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT239.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT23F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT240.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT241.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT243.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT244.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT246.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT247.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT248.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT249.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT24F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT251.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT252.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT253.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT255.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT256.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT257.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT258.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT259.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT25F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT260.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT261.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT262.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT263.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT266.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT267.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT27C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT285.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT29.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2A7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2D8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2DD.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2E9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT2FE.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT303.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT31.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT31A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT31F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT32.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT346.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT361.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3A9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3AF.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3B7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3E9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT3F0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT40C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT41E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT45.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT456.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT46.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT47B.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT48.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT49A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4AA.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4C4.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4CD.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4DB.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4DD.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4E0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4E3.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT4F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT51.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT52.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT56.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT59.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT5C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT61.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT62.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT6C.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT6D.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT74.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT76.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT77.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT79.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT7A.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT7E.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT80.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT82.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT86.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT90.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT93.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT96.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT99.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BIT9F.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITA1.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITA4.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITA5.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITA8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITA9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITAA.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITAC.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITB0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITB2.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITB4.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITB6.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITB7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITB9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITC0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITC1.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITC2.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITC5.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITC7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITCF.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITD5.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITD7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITD9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITDA.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITDB.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITDC.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITDD.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITDE.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITE2.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITE4.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITE7.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITE8.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITEC.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITED.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITEF.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITF0.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITF3.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITF6.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITF9.tmp
C:\Documents and Settings\Jolius\Local Settings\Temp\BITFF.tmp

Finished
And here the new report from HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 2:35:58 PM, on 7/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\aolavupd.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe
C:\Program Files\Common Files\AOL\1137897444\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\AOLSP Scheduler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\1137897444\ee\SSCEvtHdlr.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg4.EXE
C:\Program Files\Burger\QPrint\QPrint.exe
C:\Program Files\Common Files\AOL\1137897444\ee\aolsoftware.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\Defrag.exe
C:\Program Files\hijackthis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TosGbWatcher] "C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137897444\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1137897444\ee\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic 6\PopupBlocker.exe"
O4 - Startup: QPrint.lnk = C:\Program Files\Burger\QPrint\QPrint.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: MA111 Configuration Utility.lnk = C:\Program Files\NETGEAR\MA111 Configuration Utility\wlancfg.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZJxdm092YYUS
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....026/CTSUEng.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1137897444\ee\services\safetyCore\ver210_5_4_1\aolavupd.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

I think that SDfix program took care of the problem, but can someone please tell me if the any of the entries on the HijackThis report are bad? I just want to make sure there is no other malware/viruses/spyware..ect...

Edited by Plane, 14 July 2007 - 03:47 PM.


#4 miekiemoes

miekiemoes

    Malware Expert

  • Global Moderator
  • PipPipPipPipPip
  • 20,026 posts

Posted 15 July 2007 - 09:48 AM

Hi,

We're not finished yet...

A note first. I see you have 2 firewalls installed. McAfee Firewall and the firewall from Microsoft Windows OneCare Live.
Never install more than one firewall as they are not compatible and may cause a lot of problems.
So I suggest you uninstall the McAfee Firewall here.

Then, Please uninstall WinAntiSpyware 2007

Reboot afterwards.

After reboot,

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZJxdm092YYUS
O18 - Filter: text/html - (no CLSID) - (no file)


* Click on Fix Checked when finished and exit HijackThis.
Make sure your Internet Explorer is closed when you click Fix Checked!

Please set your system to show all files.
Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Click OK.

Please hide your hidden files and folders afterwards again, when we are done with this thread and your problems are solved, because above instructions to set your system to show all files, unhide legit files and folders as well.
And I don't want you to delete them because they may look suspicious. To hide them again, just perform the above instructions in the opposite way.


Then navigate to and delete next file and folder:

C:\Program Files\Common Files\system32.dll <== file
C:\Program Files\Common Files\WinAntiSpyware 2007 <== folder

Post a new HijackThislog in your next reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#5 miekiemoes

miekiemoes

    Malware Expert

  • Global Moderator
  • PipPipPipPipPip
  • 20,026 posts

Posted 25 July 2007 - 06:27 AM

Due to the lack of feedback, this Topic is closed.

If you need this topic reopened for continuations of existing problems, please tell the moderating team by replying here
This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button