Not a pretty sight.
========== FILES ==========
File/Folder C:\WINDOWS\system32\prunnet.exe not found.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\prunnet deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\prunnet not found.
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01212009_071825
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, January 21, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, January 21, 2009 13:09:16
Records in database: 1659297
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
Scan statistics:
Files scanned: 79684
Threat name: 39
Infected objects: 111
Suspicious objects: 0
Duration of the scan: 01:40:16
File name / Threat name / Threats count
C:\Documents and Settings\Anne\Local Settings\Temporary Internet Files\Content.IE5\8XQNK1IJ\index[1] Infected: not-a-virus:AdWare.Win32.SuperJuan.gbc 1
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\IMXIHVEB\placeholder-1793335-1622548644[1].htm Infected: Trojan-Downloader.JS.Psyme.amg 1
C:\Documents and Settings\Wally\Local Settings\Temporary Internet Files\Content.IE5\CPLAN9YB\incredimail_install[1].exe Infected: not-a-virus:Downloader.Win32.ImLoader.n 1
C:\Documents and Settings\Wally\My Documents\MyFunCardsSetup2.2.60.11-2.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.cb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A.tmp Infected: not-a-virus:FraudTool.Win32.VirusRemover.k 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F.tmp Infected: Trojan-Downloader.Win32.Agent.aklq 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\22.tmp Infected: Trojan-Downloader.Win32.Agent.ajup 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\23.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fsk 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\25.tmp Infected: Exploit.Win32.Pidief.aaf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\26.tmp Infected: Trojan-Downloader.Win32.Agent.aeyu 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\27.tmp Infected: Trojan-Downloader.Win32.Agent.afvt 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\28.tmp Infected: Trojan-Downloader.Win32.Agent.afvt 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\29.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\30.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\31.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\32.tmp Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\33.tmp Infected: Trojan-Downloader.Win32.Agent.aivj 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\34.tmp Infected: Trojan-Downloader.Win32.Agent.aivj 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\35.tmp Infected: Trojan-Downloader.Win32.Agent.aivj 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\36.tmp Infected: Trojan-Downloader.Win32.Agent.aivj 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\37.tmp Infected: Trojan-Downloader.Win32.Agent.aivj 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\38.tmp Infected: Trojan-Downloader.Win32.Agent.ajup 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\39.tmp Infected: Trojan-Downloader.Win32.Agent.ajup 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A.tmp Infected: Trojan-Downloader.Win32.Agent.ajup 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B.tmp Infected: Trojan-Downloader.Win32.Agent.aklq 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C.tmp Infected: Trojan-Downloader.Win32.Agent.aklq 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E.tmp Infected: Trojan-Downloader.Win32.Agent.albi 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F.tmp Infected: Trojan-Downloader.Win32.Agent.albi 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\40.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\41.tmp Infected: Trojan-Downloader.Win32.Agent.amqp 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\42.tmp Infected: Trojan-Downloader.Win32.Agent.amqp 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\43.tmp Infected: Trojan-Downloader.Win32.Agent.anqi 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\44.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\45.tmp Infected: Trojan-Downloader.Win32.Agent.aobz 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\46.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\47.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\48.tmp Infected: Trojan-Downloader.Win32.Agent.aogx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\49.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A.tmp Infected: Trojan-Downloader.Win32.Agent.ashc 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B.tmp Infected: Trojan-Downloader.Win32.Agent.aoyp 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\4D.tmp Infected: Trojan-Downloader.Win32.Agent.apfg 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\4E.tmp Infected: Trojan-Downloader.Win32.Agent.apfg 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\4F.tmp Infected: Trojan-Downloader.Win32.Agent.apfg 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\50.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\51.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\52.tmp Infected: Trojan-Downloader.Win32.Agent.apfg 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\53.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\54.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\55.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\56.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\57.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\58.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\59.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\5A.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\5B.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\5C.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\5D.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\5E.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\5F.tmp Infected: Trojan-Downloader.Win32.Agent.asjh 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\60.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\61.tmp Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\62.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\63.tmp Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\64.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\65.tmp Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\66.tmp Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\67.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\68.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\69.tmp Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\6A.tmp Infected: Trojan.Win32.Monder.agia 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\6B.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\6C.tmp Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\6D.tmp Infected: Trojan.Win32.Monder.agtu 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\6E.tmp Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\6F.tmp Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\70.tmp Infected: Trojan.Win32.Monder.ahmz 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\73.tmp Infected: Trojan.Win32.Agent.aljf 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\77.tmp Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\78.tmp Infected: Trojan-Downloader.Win32.FraudLoad.vffa 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\79.tmp Infected: Trojan.Win32.Pakes.mpp 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\7B.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fsk 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\7C.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fsk 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\7D.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fpv 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\7E.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fou 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\7F.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fpv 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\80.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fou 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\81.tmp Infected: Trojan.Win32.Monder.agbj 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\82.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fqr 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\83.tmp Infected: Trojan.Win32.Monder.ahye 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\84.tmp Infected: not-a-virus:AdWare.Win32.SuperJuan.fqr 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\85.tmp Infected: Trojan.Win32.Monderb.acew 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0021988.dll Infected: Trojan.Win32.Agent.arzx 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0022154.dll Infected: Trojan.Win32.Monder.amcc 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\QJMGNC.DLL Infected: not-a-virus:AdWare.Win32.SuperJuan.gbe 1
C:\Program Files\Trend Micro\Internet Security\Quarantine\XATDXG42.EXE_ Infected: Trojan-Downloader.Win32.Agent.auip 1
C:\_OTMoveIt\MovedFiles\01192009_202632\WINDOWS\system32\cvvias.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.gbc 1
C:\_OTMoveIt\MovedFiles\01192009_202632\WINDOWS\system32\gircoo.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.gbs 1
C:\_OTMoveIt\MovedFiles\01192009_202632\WINDOWS\system32\humopvwb.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.gbs 1
C:\_OTMoveIt\MovedFiles\01192009_202632\WINDOWS\system32\johnwndc.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.gbc 1
C:\_OTMoveIt\MovedFiles\01192009_202632\WINDOWS\system32\kjfgcr.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.gbs 1
C:\_OTMoveIt\MovedFiles\01192009_202632\WINDOWS\system32\qambsnxt.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.gbs 1
C:\_OTMoveIt\MovedFiles\01192009_202632\WINDOWS\system32\slaqgo.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.gbc 1
C:\_OTMoveIt\MovedFiles\01192009_202632\WINDOWS\system32\tmdfyrmy.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.gbc 1
The selected area was scanned.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:54:14 AM, on 1/21/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\support.com\bin\tgcmd.exe
C:\Program Files\Tech\Wheel Mouse\5.0\MOUSE32A.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.philadelphiaeagles.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Tech\Wheel Mouse\5.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=laptop
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) -
http://www.activation.rr.com/install/do ... gctlcm.cabO16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/house ... hcImpl.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004 ... scan53.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn.com/binFramework/v ... b56649.cabO23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
--
End of file - 8519 bytes