Hi,
As suggested, I just finished executing the VundoFix and ComboFix programs and they seemed to have removed a whole bunch of infections. Also, I opened Internet Explorer and browsed around a little and have not got any problems so far, which is absolutely great... Can't believe it!!! I will browse around a little more using Internet Explorer and let you know how it goes. Please find below the VundoFix, ComboFix and HijackThis logs for your perusal.
===========START VundoFix Log=====================
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 6:42:47 PM 6/26/2007
Listing files found while scanning....
Beginning removal...
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 6:47:11 PM 6/26/2007
Listing files found while scanning....
Beginning removal...
Attempting to delete C:\WINDOWS\system32\qjsxxxir.dll
C:\WINDOWS\system32\qjsxxxir.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\ssqqppn.dll
C:\WINDOWS\system32\ssqqppn.dll Could not be deleted.
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 6:52:47 PM 6/26/2007
Listing files found while scanning....
C:\windows\system32\qjsxxxir.dll
C:\windows\system32\ssqqppn.dll
Beginning removal...
Attempting to delete C:\windows\system32\qjsxxxir.dll
C:\windows\system32\qjsxxxir.dll Has been deleted!
Attempting to delete C:\windows\system32\ssqqppn.dll
C:\windows\system32\ssqqppn.dll Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 7:00:41 PM 6/26/2007
Listing files found while scanning....
No infected files were found.
===================END VundoFix Log==============
==================START ComboFix Log===============
"Vikram Kapur" - 2007-06-26 19:03:24 - ComboFix 07-06-26.8 - Service Pack 2 NTFS
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_CORE
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_NET_AGENT
-------\LEGACY_WINDOWS_OVERLAY_COMPONENTS
-------\DomainService
-------\Net Agent
((((((((((((((((((((((((( Files Created from 2007-05-26 to 2007-06-26 )))))))))))))))))))))))))))))))
2007-06-26 19:02 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-26 18:42 <DIR> d-------- C:\VundoFix Backups
2007-06-25 16:21 <DIR> d-------- C:\Program Files\Flickr Uploadr
2007-06-25 16:21 <DIR> d-------- C:\DOCUME~1\VIKRAM~1\APPLIC~1\Flickr
2007-06-24 22:48 2,041,904 --a------ C:\WINDOWS\system32\drivers\fw.sys
2007-06-24 22:48 106,591 --a------ C:\WINDOWS\system32\fwnetcfg.dll
2007-06-24 22:47 670,128 --a------ C:\WINDOWS\system32\drivers\vpn.sys
2007-06-24 22:47 32,866 --a------ C:\WINDOWS\system32\ckpginashim.dll
2007-06-24 22:47 24,672 --a------ C:\WINDOWS\system32\ckpNotify.dll
2007-06-24 22:47 17,456 --a------ C:\WINDOWS\system32\drivers\scap.sys
2007-06-23 16:29 14,924 --a------ C:\WINDOWS\system32\drivers\OMVA.sys
2007-06-22 19:20 <DIR> d-------- C:\Program Files\a-squared Anti-Malware
2007-06-22 15:45 4,628 --a------ C:\WINDOWS\system32\bjkcxtxx.exe
2007-06-21 08:24 8,464 --a------ C:\WINDOWS\system32\sporder.dll
2007-06-20 12:05 271,920 -r-hs---- C:\WINDOWS\qlabzauA.exe
2007-06-20 12:05 172,544 --a------ C:\WINDOWS\system32\bylewxm.dll
2007-06-19 12:51 <DIR> d-------- C:\Program Files\IObit
2007-06-19 12:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-06-19 12:10 <DIR> d-------- C:\My Videos
2007-06-18 23:27 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-06-18 23:27 <DIR> d-------- C:\Program Files\Winamp
2007-06-18 23:27 <DIR> d-------- C:\Program Files\Panicware
2007-06-17 20:02 1,634,411 ---hs---- C:\WINDOWS\system32\xycdd.bak2
2007-06-17 19:56 164 --a------ C:\install.dat
2007-06-14 07:54 163,840 --a------ C:\Program Files\TTC.dll
2007-06-14 01:30 1,637,557 ---hs---- C:\WINDOWS\system32\xycdd.ini2
2007-06-13 20:19 5,505,024 --a------ C:\DOCUME~1\VIKRAM~1\ntuser.dat
2007-06-12 23:08 <DIR> d-------- C:\Program Files\Spyware Doctor
2007-05-28 14:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-05-28 09:16 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-05-28 09:16 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-05-28 09:16 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-05-26 23:54 <DIR> d-------- C:\DOCUME~1\VIKRAM~1\APPLIC~1\Lavasoft
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-25 02:47:35 -------- d-----w C:\Program Files\CheckPoint
2007-06-25 02:47:33 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-25 00:50:56 -------- d-----w C:\Program Files\Google
2007-06-23 22:46:15 1,503 ----a-w C:\WINDOWS\ipconfig.dat
2007-06-19 03:27:35 -------- d-----w C:\Program Files\Yahoo!
2007-06-14 17:26:01 1,632,180 --sh--w C:\WINDOWS\system32\xycdd.bak1
2007-05-25 01:22:19 -------- d-----w C:\Program Files\Norton AntiVirus
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-02 22:44:24 -------- d--h--r C:\DOCUME~1\VIKRAM~1\APPLIC~1\yahoo!
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel(2)(2).dll
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-18 12:31:39 658,944 ----a-w C:\WINDOWS\system32\wininet(2)(2).dll
2007-04-18 12:31:39 615,424 ----a-w C:\WINDOWS\system32\urlmon(2)(2).dll
2007-04-18 12:31:38 474,112 ----a-w C:\WINDOWS\system32\shlwapi(2)(2).dll
2007-04-18 12:31:38 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw(2)(2).dll
2007-04-17 02:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-17 02:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 02:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-17 02:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-17 02:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 02:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 02:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-17 02:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-16 15:52:53 984,576 ----a-w C:\WINDOWS\system32\kernel32(2)(2).dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{01F17FA6-5C97-4BD1-831D-25BF884B4BC3}=\ [2007-06-26 19:06]
{02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 10:28]
{04DB16E3-4C32-491A-8485-3AFE84292195}=\ [2007-06-26 19:06]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 17:17]
{0A7B0010-7E68-4A65-A145-BECA4697ADA3}=C:\WINDOWS\system32\awvvw.dll []
{2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F}=C:\Program Files\Outerinfo\Outerinfo.dll []
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}=C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 15:29]
{6F512F07-8936-40C0-B5F9-7CBFAB0DE000}=C:\WINDOWS\system32\hcqpcdxh.dll []
{8c12cdb9-8916-430b-8e4a-94cbc27c7ea9}=C:\WINDOWS\system32\bylewxm.dll [2007-06-20 12:05]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar5.dll [2007-01-20 00:55]
{BDF3E430-B101-42AD-A544-FADC6B084872}=C:\Program Files\Norton AntiVirus\NavShExt.dll [2003-11-24 19:46]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-10-07 23:40]
"ATIModeChange"="Ati2mdxx.exe" [2004-04-02 03:16 C:\WINDOWS\system32\Ati2mdxx.exe]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-03-01 13:05]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-03-25 21:00]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-05-07 01:05]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-01-16 15:16]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-05-07 01:26]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" []
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 04:01]
"HPHUPD05"="c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-22 23:03]
"HP Software Update"="c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 14:40]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2004-09-14 21:02]
"AGRSMMSG"="AGRSMMSG.exe" [2003-10-30 09:40 C:\WINDOWS\AGRSMMSG.exe]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-09-18 15:39]
"eFax 4.1"="C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe" [2005-12-16 19:59]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-02-07 15:35]
"MoneyAgent"="c:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 15:00]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-03-27 15:22]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\accmain]
c:\windows\cursors\accmain.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ckpNotify]
ckpNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcyx]
C:\WINDOWS\system32\ddcyx.dll
Contents of the 'Scheduled Tasks' folder
2007-06-23 00:01:33 C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Vikram Kapur.job
2007-06-26 23:11:25 C:\WINDOWS\tasks\Symantec NetDetect.job
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-26 19:09:58
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????2?5?9?9??@???? ???B???????????????B? ??????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-26 19:11:46 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-26 19:11
--- E O F ---
=================END ComboFix Log=================
=================START HijackThis Log================
Logfile of HijackThis v1.99.1
Scan saved at 7:15:02 PM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\oracle\ora92\bin\omtsreco.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\eFax Messenger 4.1\J2GTray.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Software\adaware\hjackthis\Scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://register.passport.net/reg.srf?x ... angid=1033
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {01F17FA6-5C97-4BD1-831D-25BF884B4BC3} - \
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {04DB16E3-4C32-491A-8485-3AFE84292195} - \
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0A7B0010-7E68-4A65-A145-BECA4697ADA3} - C:\WINDOWS\system32\awvvw.dll (file missing)
O2 - BHO: (no name) - {2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F} - C:\Program Files\Outerinfo\Outerinfo.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {6F512F07-8936-40C0-B5F9-7CBFAB0DE000} - C:\WINDOWS\system32\hcqpcdxh.dll (file missing)
O2 - BHO: (no name) - {8c12cdb9-8916-430b-8e4a-94cbc27c7ea9} - C:\WINDOWS\system32\bylewxm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eFax 4.1] "C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Global Startup: eFax 4.1.lnk = C:\Program Files\eFax Messenger 4.1\J2GTray.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=presario&pf=laptop
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - Winlogon Notify: accmain - c:\windows\cursors\accmain.dll (file missing)
O20 - Winlogon Notify: ckpNotify - C:\WINDOWS\SYSTEM32\ckpNotify.dll
O20 - Winlogon Notify: ddcyx - C:\WINDOWS\system32\ddcyx.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - C:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
===============END HijackThis Log===================