|
-
February 23rd, 2009, 11:44 PM
#1
Part 3:
C:\DOCUME~1\Owner\LOCALS~1\Temp\o81wawg02if4l.exe
O4 - HKCU\..\Run: [zo5tv0j5iw73gmus4bgwksoce0wu8s1p8xt9hurbvoi9tdyr] C:\DOCUME~1\Owner\LOCALS~1\Temp\sxdxnst.exe
O4 - HKCU\..\Run: [y2jkfw24p62rns7e3qmi54yvaonun70vas77rl9qi] C:\DOCUME~1\Owner\LOCALS~1\Temp\c1fz53zty6.exe
O4 - HKCU\..\Run: [s3byyptq1mkqer5345t9zawlyeggz24mj] C:\DOCUME~1\Owner\LOCALS~1\Temp\odkgjulx2i2y.exe
O4 - HKCU\..\Run: [ri2w4s477jtsqvlo8y] C:\DOCUME~1\Owner\LOCALS~1\Temp\ko8y6y82fc.exe
O4 - HKCU\..\Run: [ts06ll5yxs97p482he49q8uaj2dci] C:\DOCUME~1\Owner\LOCALS~1\Temp\rwy6nkz5.exe
O4 - HKCU\..\Run: [yvez4yuaw4993fmf] C:\DOCUME~1\Owner\LOCALS~1\Temp\tvi7vpj2.exe
O4 - HKCU\..\Run: [vvztg88k886cp6zr2vho3cpg12] C:\DOCUME~1\Owner\LOCALS~1\Temp\sg15yvf3yk.exe
O4 - HKCU\..\Run: [l8widd8ow1w3x3mhdw2xf5vj4zoj44n56wcw20g19t5hxs] C:\DOCUME~1\Owner\LOCALS~1\Temp\aupoon.exe
O4 - HKCU\..\Run: [urqb6xpc75u0fqvgac7ntg238wwda87bivkaj] C:\DOCUME~1\Owner\LOCALS~1\Temp\sqw8ns.exe
O4 - HKCU\..\Run: [up2nmv37q4jr] C:\DOCUME~1\Owner\LOCALS~1\Temp\hj1p12io.exe
O4 - HKCU\..\Run: [go82hy46uk95i5r7o] C:\DOCUME~1\Owner\LOCALS~1\Temp\wawqk8xclqf.exe
O4 - HKCU\..\Run: [i9jhe68max] C:\DOCUME~1\Owner\LOCALS~1\Temp\px88ru8e5emz.exe
O4 - HKCU\..\Run: [bhl7tqtjzzw3fhfzzce43hj0mwo1mgt4i] C:\DOCUME~1\Owner\LOCALS~1\Temp\rgyupt9.exe
O4 - HKCU\..\Run: [qjz939qhg26t2] C:\DOCUME~1\Owner\LOCALS~1\Temp\goavpz386e.exe
O4 - HKCU\..\Run: [ino7oolzf64ub8chxc3c2edf69fsonm3bo6x28z3wkyacmfim] C:\DOCUME~1\Owner\LOCALS~1\Temp\alrbnlflrfsk.exe
O4 - HKCU\..\Run: [g67n57z2bjfohfil] C:\DOCUME~1\Owner\LOCALS~1\Temp\nd5w2vg3tkx6.exe
O4 - HKCU\..\Run: [p8nmgftspsz6c4ldytdeyh9hir] C:\DOCUME~1\Owner\LOCALS~1\Temp\c4hxl1v.exe
O4 - HKCU\..\Run: [g1ju5r45c5c40cco0qqyhyimems26d3] C:\DOCUME~1\Owner\LOCALS~1\Temp\hkhwpxsx7r.exe
O4 - HKCU\..\Run: [loopig1v7kq1ofjrrv4imqt21sozn3333p0h67q15pujja4] C:\DOCUME~1\Owner\LOCALS~1\Temp\kiogbclht3k.exe
O4 - HKCU\..\Run: [huhmu0w3jd5k] C:\DOCUME~1\Owner\LOCALS~1\Temp\y1ozymnawl3r.exe
O4 - HKCU\..\Run: [y32d8ezru4hmxa45k7of2j4] C:\DOCUME~1\Owner\LOCALS~1\Temp\jd22ac63b.exe
O4 - HKCU\..\Run: [krzbmyl4mvzwjv3cohy3qyttumqnfjryrx4tvpa1o] C:\DOCUME~1\Owner\LOCALS~1\Temp\yg2mdj9.exe
O4 - HKCU\..\Run: [hn9h5m2mb1yb4rj] C:\DOCUME~1\Owner\LOCALS~1\Temp\rmelk5kq.exe
O4 - HKCU\..\Run: [pe2z1kt8ttube1g2istadc4xotonhqf1gp] C:\DOCUME~1\Owner\LOCALS~1\Temp\j3b0rvje.exe
O4 - HKCU\..\Run: [djllfosnwl9txqjx] C:\DOCUME~1\Owner\LOCALS~1\Temp\ffs70l089scjc.exe
O4 - HKCU\..\Run: [q3ypqxn3x3erj9bzhx72fnn3yj7e5b1cxxc4sry] C:\DOCUME~1\Owner\LOCALS~1\Temp\b0bq8wq.exe
O4 - HKCU\..\Run: [fb17gzfkxchbmvgmel4x9umfie86vkwao5rla032h2] C:\DOCUME~1\Owner\LOCALS~1\Temp\jzspcsnsi3.exe
O4 - HKCU\..\Run: [benlq4emlzrkwbag2gypjb93az62] C:\DOCUME~1\Owner\LOCALS~1\Temp\xgislhi5qxvu.exe
O4 - HKCU\..\Run: [rzy4oeejvkoie9id] C:\DOCUME~1\Owner\LOCALS~1\Temp\qyzav4h4.exe
O4 - HKCU\..\Run: [ag0eqxlwrzlinp8vqshnacu8rqmj4] C:\DOCUME~1\Owner\LOCALS~1\Temp\efpdntch69.exe
O4 - HKCU\..\Run: [ycfwz37egeejoxqclbjfs8oa1mf20ta6vt9klmdh5] C:\DOCUME~1\Owner\LOCALS~1\Temp\q8ykfbjaqxm1.exe
O4 - HKCU\..\Run: [azfkxi9xyb7vfham8r9dqsdm3z55j] C:\DOCUME~1\Owner\LOCALS~1\Temp\hpkgt9.exe
O4 - HKCU\..\Run: [fyc86gdd3zji9y56xqsmv9rnn3oeeqiwdk7twr] C:\DOCUME~1\Owner\LOCALS~1\Temp\ti8eq0y2.exe
O4 - HKCU\..\Run: [xz1noqb87ex4wgqank0f350mrbyc] C:\DOCUME~1\Owner\LOCALS~1\Temp\x7kfkwbxqx.exe
O4 - HKCU\..\Run: [uji7okdhgq3b7hb3sdly1hgte] C:\DOCUME~1\Owner\LOCALS~1\Temp\p3c6xsndp3.exe
O4 - HKCU\..\Run: [bpynr9d58pe0dtoisp3kdl24d9jgegm8497hoox3chts] C:\DOCUME~1\Owner\LOCALS~1\Temp\amrzpb40c90.exe
O4 - HKCU\..\Run: [hoi1bq267858ytr4uxc272zofx2p585] C:\DOCUME~1\Owner\LOCALS~1\Temp\z7a1iv8m19j3q.exe
O4 - HKCU\..\Run: [slxq1lrbm1hdsbwvy4kwu6cw96boep362xfh] C:\DOCUME~1\Owner\LOCALS~1\Temp\sdmjp0.exe
O4 - HKCU\..\Run: [ngwdkgv2v9kkb4g8p] C:\DOCUME~1\Owner\LOCALS~1\Temp\o3o5ris.exe
O4 - HKCU\..\Run: [p6k3brt5f8xl9m0] C:\DOCUME~1\Owner\LOCALS~1\Temp\ofc5bjglya.exe
O4 - HKCU\..\Run: [inthnot9y0is] C:\DOCUME~1\Owner\LOCALS~1\Temp\k0v7nk374acm.exe
O4 - HKCU\..\Run: [raav0srr92iahofcf08fzygc3dxi6j1d7dp64f9bow] C:\DOCUME~1\Owner\LOCALS~1\Temp\glv9g4.exe
O4 - HKCU\..\Run: [a9fioaoleelpeorp1kg] C:\DOCUME~1\Owner\LOCALS~1\Temp\sejqdvtx.exe
O4 - HKCU\..\Run: [vddz10cf53t1rh5ss1qqs] C:\DOCUME~1\Owner\LOCALS~1\Temp\lkvpk04zh.exe
O4 - HKCU\..\Run: [daj5pc6t6jvh3qulc8u74] C:\DOCUME~1\Owner\LOCALS~1\Temp\rz2s6fxj3m.exe
O4 - HKCU\..\Run: [nu0a0g4q56lgwxlk5u4fbi4h0fcyqaxc98lbnc45d3yo] C:\DOCUME~1\Owner\LOCALS~1\Temp\jv9tmkoamg.exe
O4 - HKCU\..\Run: [ynb3ohteij31cfpqfivntr0db5k6iu1f] C:\DOCUME~1\Owner\LOCALS~1\Temp\y4slhy.exe
O4 - HKCU\..\Run: [kcf14y15dlnwuiqvynheyami3e01uh02lpf103v8] C:\DOCUME~1\Owner\LOCALS~1\Temp\p6c22w0200hr.exe
O4 - HKCU\..\Run: [elc4r21quk8d3rxpby8umye4p0jgq5yzf2rkxt6enio21zo8dx] C:\DOCUME~1\Owner\LOCALS~1\Temp\iocktjz1.exe
O4 - HKCU\..\Run: [m6dsdj32imx1l8bujf964k7cedw82vkzuui8kb] C:\DOCUME~1\Owner\LOCALS~1\Temp\slqpytm.exe
O4 - HKCU\..\Run: [owjsq9b50w207yyfwx2u1cs5uqqwb0zo] C:\DOCUME~1\Owner\LOCALS~1\Temp\d4984koq.exe
O4 - HKCU\..\Run: [yaoef3sevm0wztwjztheyps] C:\DOCUME~1\Owner\LOCALS~1\Temp\o69rauq2i.exe
O4 - HKCU\..\Run: [h4ry7yrvn3m53ttv0wqlqptfg76kzmh2k] C:\DOCUME~1\Owner\LOCALS~1\Temp\oixruvegp0tg.exe
O4 - HKCU\..\Run: [is22mvqiw2j24atfm] C:\DOCUME~1\Owner\LOCALS~1\Temp\ge4sa05q8umq.exe
O4 - HKCU\..\Run: [ddl1jj52jdy27foq7xv0agz2frrwtqawwyfciipqaoi329] C:\DOCUME~1\Owner\LOCALS~1\Temp\hastayuf9748.exe
O4 - HKCU\..\Run: [ddoxi6h102h5kkg5jbrrahdeo8q69sn6serprsfvq1yotw95] C:\DOCUME~1\Owner\LOCALS~1\Temp\scbcx8f8cpnz8.exe
O4 - HKCU\..\Run: [bosvf54rzzearfrc3woznnhyd36axe0s6fuxfsr5d50dovk] C:\DOCUME~1\Owner\LOCALS~1\Temp\k8zdwd6zv0zs9.exe
O4 - HKCU\..\Run: [czwtcnr0ydufhtj2n04qhalijfmxlhde1zx53s3f096bxl] C:\DOCUME~1\Owner\LOCALS~1\Temp\c46xc1xqeuslt.exe
O4 - HKCU\..\Run: [nu9b8dzgnffhz608pfmpd7i1k0hzsli5jof6iftrztsz6ysza] C:\DOCUME~1\Owner\LOCALS~1\Temp\zbixzk9kb13.exe
O4 - HKCU\..\Run: [fo4uxg55zy] C:\DOCUME~1\Owner\LOCALS~1\Temp\cqphlz24xuff.exe
O4 - HKCU\..\Run: [g7cl3ksj5zy454jjmx] C:\DOCUME~1\Owner\LOCALS~1\Temp\zldh50q.exe
O4 - HKCU\..\Run: [qamacj5cqvkzettu6gd] C:\DOCUME~1\Owner\LOCALS~1\Temp\j8w24uwgdp.exe
O4 - HKCU\..\Run: [z7vlnyl7smhw2bal5e6e8t51c6l2vc0n9i4zn84zs] C:\DOCUME~1\Owner\LOCALS~1\Temp\urflapon7s3.exe
O4 - HKCU\..\Run: [dbtdcdhrgck] C:\DOCUME~1\Owner\LOCALS~1\Temp\ygr3n0u43d4ag.exe
O4 - HKCU\..\Run: [mjbz72u1g7dg5zr6] C:\DOCUME~1\Owner\LOCALS~1\Temp\f5340w7.exe
O4 - HKCU\..\Run: [bvxzdxi3hk6hmmu1i0t7i96cqxz3ak41xbz5] C:\DOCUME~1\Owner\LOCALS~1\Temp\ryrlena3u.exe
O4 - HKCU\..\Run: [da4lrpy5ozdjbh0pimkzdidhpuw4ngeelke] C:\DOCUME~1\Owner\LOCALS~1\Temp\e0hqzwsl8p3ok.exe
O4 - HKCU\..\Run: [a91ywwtuwf6cfz18v5y8qyaqi8rmj482sif6] C:\DOCUME~1\Owner\LOCALS~1\Temp\uihp9jr1z.exe
O4 - HKCU\..\Run: [tr8yvjuct4jvsmta2jlkgz2czscm5b] C:\DOCUME~1\Owner\LOCALS~1\Temp\i99f0nfp7.exe
O4 - HKCU\..\Run: [p3odhdsv6slgcsm0k0bibdlg421wg] C:\DOCUME~1\Owner\LOCALS~1\Temp\bwlx7sqrrp.exe
O4 - HKCU\..\Run: [ip1k3ad3i6knox] C:\DOCUME~1\Owner\LOCALS~1\Temp\zmd5o9.exe
O4 - HKCU\..\Run: [hgvhnvrwtuqmaljyn8d] C:\DOCUME~1\Owner\LOCALS~1\Temp\hlu4s5t3w.exe
O4 - HKCU\..\Run: [db277de06wu51aj0o19vq] C:\DOCUME~1\Owner\LOCALS~1\Temp\nawrk0.exe
O4 - HKCU\..\Run: [e1yi1jypbbt5r] C:\DOCUME~1\Owner\LOCALS~1\Temp\s9w7odjtz.exe
O4 - HKCU\..\Run: [qr76txq5jr1onlutr] C:\DOCUME~1\Owner\LOCALS~1\Temp\ka3bdzfy.exe
O4 - HKCU\..\Run: [m3h7alk9ho0bwkr9w0] C:\DOCUME~1\Owner\LOCALS~1\Temp\c6acc46p.exe
O4 - HKCU\..\Run: [dy2h3isxq23mr] C:\DOCUME~1\Owner\LOCALS~1\Temp\vtmuj9hrl.exe
O4 - HKCU\..\Run: [pjdp3t7po4s2odhth] C:\DOCUME~1\Owner\LOCALS~1\Temp\gvmd6jjksm.exe
O4 - HKCU\..\Run: [rvapfrr5ru2sk118les0rjnndx18kpqj57] C:\DOCUME~1\Owner\LOCALS~1\Temp\ziycw5umrkh.exe
O4 - HKCU\..\Run: [of2l9ryldmfb4oq3g9t9yfesrusb4gto9uowhf] C:\DOCUME~1\Owner\LOCALS~1\Temp\g7ad9k7heqoc3.exe
O4 - HKCU\..\Run: [su59f82jhy5ctp8puo36phywuh2] C:\DOCUME~1\Owner\LOCALS~1\Temp\y80yy6mmxknz.exe
O4 - HKCU\..\Run: [m80rl22powjn57nurju] C:\DOCUME~1\Owner\LOCALS~1\Temp\bn71klf6jwzj8.exe
O4 - HKCU\..\Run: [m2p83cq68a20] C:\DOCUME~1\Owner\LOCALS~1\Temp\fcjjxhs.exe
O4 - HKCU\..\Run: [yqah7gedk9kvo] C:\DOCUME~1\Owner\LOCALS~1\Temp\ex2lq1w6c.exe
O4 - HKCU\..\Run: [hjh0lwq3p9pw0e0zqwkmcderf2zaqwk77t1gy9vktbgav4w4mb] C:\DOCUME~1\Owner\LOCALS~1\Temp\bxla27waab.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A25B1D89-4DD8-464A-8CE0-ECDCBFD07200}: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O22 - SharedTaskScheduler: jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hs78344kjkfd.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\Nexon\Mabinogi\npkcmsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
--
End of file - 27749 bytes
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
