Logfile of HijackThis v1.99.1
Scan saved at 12:35:42 AM, on 4/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\drmfctrs.exe
C:\windows\arejcfe.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\NORTON~2\NORTON~4\GHOSTS~2.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\sdpasvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Jhon\My Documents\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w-find.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TV Now] C:\Program Files\HPQ\Notebook Utilities\TvNow.exe /RK
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
O4 - HKCU\..\Run: [eApmRRjEU] drmfctrs.exe
O4 - HKCU\..\Run: [culylwq] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [vghgkpy] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [qxnpkhd] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [dneffkw] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [ircxlit] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [nrpwoky] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [bvxehbs] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [icofhmx] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [mayaqtj] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [wwtxtep] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [pfilngr] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [tkejnqd] c:\windows\arejcfe.exe
O4 - HKCU\..\Run: [iligjon] c:\windows\hifuskf.exe
O4 - HKCU\..\Run: [phrmeeb] c:\windows\abucsxt.exe
O4 - HKCU\..\Run: [fudmtxc] c:\windows\hifuskf.exe
O4 - HKCU\..\Run: [yucdgyg] c:\windows\abucsxt.exe
O4 - HKCU\..\Run: [nfmkoph] c:\windows\hifuskf.exe
O4 - HKCU\..\Run: [alnbtbv] c:\windows\abucsxt.exe
O4 - HKCU\..\Run: [nagukhh] c:\windows\hifuskf.exe
O4 - HKCU\..\Run: [jpuheyp] c:\windows\abucsxt.exe
O4 - HKCU\..\Run: [joywwcr] c:\windows\wxbbrfe.exe
O4 - HKCU\..\Run: [xkfswye] c:\windows\lkdnpoi.exe
O4 - HKCU\..\Run: [uwhlhvr] c:\windows\nnwlqea.exe
O4 - HKCU\..\Run: [nbxfmfe] c:\windows\vuhdqql.exe
O4 - HKCU\..\Run: [goelbki] c:\windows\wxbbrfe.exe
O4 - HKCU\..\Run: [lmlfpgn] c:\windows\lkdnpoi.exe
O4 - HKCU\..\Run: [snhecia] c:\windows\nnwlqea.exe
O4 - HKCU\..\Run: [ynjnpiv] c:\windows\vuhdqql.exe
O4 - HKCU\..\Run: [jqutffh] c:\windows\wxbbrfe.exe
O4 - HKCU\..\Run: [yjllexl] c:\windows\lkdnpoi.exe
O4 - HKCU\..\Run: [xwptouo] c:\windows\vuhdqql.exe
O4 - HKCU\..\Run: [ypewxtr] c:\windows\wxbbrfe.exe
O4 - HKCU\..\Run: [utlkclx] c:\windows\lkdnpoi.exe
O4 - HKCU\..\Run: [mwokqtq] c:\windows\vuhdqql.exe
O4 - HKCU\..\Run: [yrjpkiq] c:\windows\wxbbrfe.exe
O4 - HKCU\..\Run: [dgbvxoq] c:\windows\lkdnpoi.exe
O4 - HKCU\..\Run: [gujosmq] c:\windows\vuhdqql.exe
O4 - HKCU\..\Run: [cupxgpp] c:\windows\kwxwejh.exe
O4 - HKCU\..\Run: [kdhlnrb] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [gyptxuv] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [prbyred] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [nfwbrtc] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [yycqodh] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [gemmatm] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [flftons] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [bhifxwy] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [hjvicrf] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [ohlhpro] c:\windows\xfppwny.exe
O4 - HKCU\..\Run: [lgkqjsr] c:\windows\mpgfuky.exe
O4 - HKCU\..\Run: [pldsipb] c:\windows\mpgfuky.exe
O4 - HKCU\..\Run: [vojuqet] c:\windows\mpgfuky.exe
O4 - HKCU\..\Run: [fyjmluw] c:\windows\mpgfuky.exe
O4 - HKCU\..\Run: [hcombff] c:\windows\rcedpkf.exe
O4 - HKCU\..\Run: [cpvbkes] c:\windows\liljtib.exe
O4 - HKCU\..\Run: [dljnpta] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [jhhinpj] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [nwchjbm] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [matxgot] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [noxtfhx] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [ygacpnj] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [kepnwms] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [pmfilud] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [qnkcqmf] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [eftvxmp] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [josicpu] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [kfppsjm] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [hasduvp] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [hyioasw] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [pvwjojo] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [ygjduvw] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [vuyyadm] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [bdfhwqf] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [ujpptdc] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [xlxopqq] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [sxjmmqb] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [yfkwnfy] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [hiprcym] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [ytwwpfl] c:\windows\kaqjfwc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [qssgiwd] c:\windows\sytwojr.exe
O4 - HKCU\..\Run: [wfubgjb] c:\windows\sytwojr.exe
O4 - HKCU\..\Run: [isoxvjn] c:\windows\sytwojr.exe
O4 - HKCU\..\Run: [taikjqc] c:\windows\sytwojr.exe
O4 - HKCU\..\Run: [jwfphot] c:\windows\wnsirkd.exe
O4 - HKCU\..\Run: [txmypco] c:\windows\wnsirkd.exe
O4 - HKCU\..\Run: [biswilp] c:\windows\wnsirkd.exe
O4 - HKCU\..\Run: [xwhlvbt] c:\windows\spyjawo.exe
O4 - HKCU\..\Run: [srscoqn] c:\windows\spyjawo.exe
O4 - HKCU\..\Run: [crhmium] c:\windows\spyjawo.exe
O4 - HKCU\..\Run: [pfvyort] c:\windows\spyjawo.exe
O4 - HKCU\..\Run: [ecupsop] c:\windows\spyjawo.exe
O4 - HKCU\..\Run: [cfkkshl] c:\windows\spyjawo.exe
O4 - HKCU\..\Run: [fbubcvu] c:\windows\spyjawo.exe
O4 - HKCU\..\Run: [obyjpli] c:\windows\spyjawo.exe
O4 - HKCU\..\Run: [tqgmjbm] c:\windows\dnocwlb.exe
O4 - HKCU\..\Run: [nweiacx] c:\windows\dnocwlb.exe
O4 - HKCU\..\Run: [jgbpqur] c:\windows\dnocwlb.exe
O4 - HKCU\..\Run: [hffxfxa] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [ppblhqj] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [talgffe] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [xqlsbpb] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [tbdcwug] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [epsvlnn] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [jbfodjl] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [lrsshex] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [wfmjklo] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [sxemoxu] c:\windows\noocxkm.exe
O4 - HKCU\..\Run: [ykvpmtj] c:\windows\miycpso.exe
O4 - HKCU\..\Run: [ahxhfnp] c:\windows\miycpso.exe
O4 - HKCU\..\Run: [bbuullm] c:\windows\miycpso.exe
O4 - HKCU\..\Run: [brjtfij] c:\windows\wiqvtri.exe
O4 - HKCU\..\Run: [irgijoi] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [lfeqyru] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [hujqtld] c:\windows\wiqvtri.exe
O4 - HKCU\..\Run: [tsstvhe] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [mrwvjer] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [rqvbsad] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [dlcbjjv] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [otnuibk] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [bbwibbj] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [wwjgwqo] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [dakfftn] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [jrpuvms] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [xudmisf] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [rbnhvbd] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [xtshyhu] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [nmtgofb] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [gqnbjeh] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [nlwtcqf] c:\windows\tdecrnw.exe
O4 - HKCU\..\Run: [apyflqi] c:\windows\rakfqxf.exe
O4 - HKCU\..\Run: [jlqkedh] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [mlgejtv] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [cubabfp] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [mwfbgoj] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [emujylf] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [uuuyqdn] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [lmqvjhr] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [dirnink] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [wddhtqu] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [sxpekyv] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [hitlvya] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [lskuhab] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [occbihh] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [gtjgjis] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [ljwafye] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [ixbhdns] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [bjecwiu] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [taxspkl] c:\windows\dsfvlxa.exe
O4 - HKCU\..\Run: [uifdyfw] c:\windows\qnlnkew.exe
O4 - HKCU\..\Run: [cqaldbx] c:\windows\qnlnkew.exe
O4 - HKCU\..\Run: [mlxpawg] c:\windows\qnlnkew.exe
O4 - HKCU\..\Run: [gfwelbw] c:\windows\qnlnkew.exe
O4 - HKCU\..\Run: [lhjdtrg] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [ncxgnyw] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [fumurci] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [xjmshng] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [pqlaaiq] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [yguomdm] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [wpthcid] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [ahkgori] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [vptusvu] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [dnvanav] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [drbnrqp] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [qwtfxhy] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [ivnknlr] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [geltska] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [gjwggng] c:\windows\ywbbvdc.exe
O4 - HKCU\..\Run: [nkrfmup] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [omrupee] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [ikwyogh] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [bloeveh] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [weadtdx] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [ucmfndr] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [umnmint] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [rffnopb] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [jjskbcg] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [knvudiy] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [vcemesj] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [wuvsicu] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [hibilio] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [rrqvgbg] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [stmyjge] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [enwaokc] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [jvgyjim] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [fohyygb] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [vcepxhh] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [mtskssp] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [kksqcie] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [fkpcery] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [ixydtcy] c:\windows\mtyrpma.exe
O4 - HKCU\..\Run: [awnfjwk] c:\windows\qmayiod.exe
O4 - HKCU\..\Run: [mrerrpj] c:\windows\qmayiod.exe
O4 - HKCU\..\Run: [qhktrwu] c:\windows\qmayiod.exe
O4 - HKCU\..\Run: [twbxifq] c:\windows\qmayiod.exe
O4 - HKCU\..\Run: [cffwwxa] c:\windows\qmayiod.exe
O4 - HKCU\..\Run: [wwvxajg] c:\windows\qmayiod.exe
O4 - HKCU\..\Run: [xlujmsc] c:\windows\kgtfabg.exe
O4 - HKCU\..\Run: [qjvcwfl] c:\windows\kgtfabg.exe
O4 - HKCU\..\Run: [jumpygg] c:\windows\kgtfabg.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Microsoft AntiSpyware helper - {C21A8BE5-4A10-4860-B290-9EBA4012DAD9} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {C21A8BE5-4A10-4860-B290-9EBA4012DAD9} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~4\GHOSTS~2.EXE
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SDPAUMS server service (SDPASVC) - Matsushita Electric Industrial Co.,Ltd. - C:\WINDOWS\System32\sdpasvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe