|
-
February 23rd, 2009, 11:42 PM
#5
Part 2:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://firefox.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: C:\WINDOWS\system32\hs78344kjkfd.dll - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hs78344kjkfd.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [*svchostBoot] "C:\Documents and Settings\Owner\Application Data\svchost.exe"
O4 - HKLM\..\Run: [Tcahabiheb] rundll32.exe "C:\WINDOWS\Hnigumi.dll",e
O4 - HKLM\..\Run: [Ykotukejubet] rundll32.exe "C:\WINDOWS\uqasivolupufaxaw.dll",e
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKCU\..\Run: [mqzlw4gi0dnwdwhc] C:\DOCUME~1\Owner\LOCALS~1\Temp\g5i4lqjcb2i3.exe
O4 - HKCU\..\Run: [vaukk260lsgxv8bv9pjsfqn] C:\DOCUME~1\Owner\LOCALS~1\Temp\kkhiqo.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eztmngr9ba0b6u5s5wye0fqpztl4zi2cerhq] C:\DOCUME~1\Owner\LOCALS~1\Temp\ee0ripqm3hv63.exe
O4 - HKCU\..\Run: [p3exwxjnz00appbcs43noa23i76x5eqr5eyiq82i4xmhxjmecn] C:\DOCUME~1\Owner\LOCALS~1\Temp\lzfw1irb.exe
O4 - HKCU\..\Run: [w2nlngwitbrrr6pkwxnskyw05x3ip9xl468e8feyab] C:\DOCUME~1\Owner\LOCALS~1\Temp\ael5d4zbfvtyg.exe
O4 - HKCU\..\Run: [fdour8ib9rit06xeljajb79utmfxht90pv4pjuw2us] C:\DOCUME~1\Owner\LOCALS~1\Temp\ha22x2zow62vc.exe
O4 - HKCU\..\Run: [hc9meyx78lwqytw7f2t07ceknwz6b9e7ficd8yytvcfvr] C:\DOCUME~1\Owner\LOCALS~1\Temp\awvtukpyp.exe
O4 - HKCU\..\Run: [e8bhvrepzouu65] C:\DOCUME~1\Owner\LOCALS~1\Temp\wmxywlhyva.exe
O4 - HKCU\..\Run: [gfz1as5yd9zdwu4iyxof91569xjol] C:\DOCUME~1\Owner\LOCALS~1\Temp\h5xhjvjvo6i.exe
O4 - HKCU\..\Run: [n4xr1jhc4ivzvwhx5ig9ja9y8dbfay9] C:\DOCUME~1\Owner\LOCALS~1\Temp\p9fxu7uza.exe
O4 - HKCU\..\Run: [frhe6wu9l] C:\DOCUME~1\Owner\LOCALS~1\Temp\qjkvlovabx.exe
O4 - HKCU\..\Run: [oreyk6d5zhn51q1dyfto5mhphvqbv] C:\DOCUME~1\Owner\LOCALS~1\Temp\sjahjnbgmqcbz.exe
O4 - HKCU\..\Run: [h84t9r73y] C:\DOCUME~1\Owner\LOCALS~1\Temp\z66pgb1zweo.exe
O4 - HKCU\..\Run: [zjf5fxthfuzmjtjlf3q48upvk56faj] C:\DOCUME~1\Owner\LOCALS~1\Temp\ymyo6h.exe
O4 - HKCU\..\Run: [epp42tugwq7i2vay3mk] C:\DOCUME~1\Owner\LOCALS~1\Temp\qk444ptnyu22j.exe
O4 - HKCU\..\Run: [j83buy4gbcv5wqux] C:\DOCUME~1\Owner\LOCALS~1\Temp\vafocv0os.exe
O4 - HKCU\..\Run: [z5rc4hoczk2qiluythpws55yef0ghdvhb8o] C:\DOCUME~1\Owner\LOCALS~1\Temp\j7708iuf.exe
O4 - HKCU\..\Run: [jry7r2mbwsz6vb61jjgwogkgcgeoch1] C:\DOCUME~1\Owner\LOCALS~1\Temp\cwdeklv.exe
O4 - HKCU\..\Run: [eq79azetdoexsvuw6srooy4oqx] C:\DOCUME~1\Owner\LOCALS~1\Temp\p8iob1n.exe
O4 - HKCU\..\Run: [pbb0hcz5moz2k3fsdf0l2o] C:\DOCUME~1\Owner\LOCALS~1\Temp\xe4j3gqm.exe
O4 - HKCU\..\Run: [hp56w58a6nmh9hy] C:\DOCUME~1\Owner\LOCALS~1\Temp\b536q1.exe
O4 - HKCU\..\Run: [oae6ks10u12p9] C:\DOCUME~1\Owner\LOCALS~1\Temp\mueruqmeknclj.exe
O4 - HKCU\..\Run: [vjz7qevgul9slb15zn6z19c893pv7rw9947olje6h7] C:\DOCUME~1\Owner\LOCALS~1\Temp\g5rcu6o.exe
O4 - HKCU\..\Run: [ehz7jw7iwwwbzja0e7anjr5c7si2cupyhzfsrryb] C:\DOCUME~1\Owner\LOCALS~1\Temp\zhs23zvck66z.exe
O4 - HKCU\..\Run: [gs4z9o2w7ektr253n15d04uiwzrlgotwmyev2hb] C:\DOCUME~1\Owner\LOCALS~1\Temp\csktea328i.exe
O4 - HKCU\..\Run: [txb5mkc6s4doosha1s0] C:\DOCUME~1\Owner\LOCALS~1\Temp\dklz8z72f5.exe
O4 - HKCU\..\Run: [jkwu7kjle4qk9zlntifch65ar6d3g9] C:\DOCUME~1\Owner\LOCALS~1\Temp\t63qun0ormqwu.exe
O4 - HKCU\..\Run: [e486kapx4] C:\DOCUME~1\Owner\LOCALS~1\Temp\acmadnjqz1f.exe
O4 - HKCU\..\Run: [kkzmxx9co9jkamr03d673cu2r5w] C:\DOCUME~1\Owner\LOCALS~1\Temp\vtuhhp1n.exe
O4 - HKCU\..\Run: [pgxq6ffzgtfn8zjkt7z70dp6k01fp2mbrgx8vb8kwlzfmmvlz4] C:\DOCUME~1\Owner\LOCALS~1\Temp\cuuhr46.exe
O4 - HKCU\..\Run: [iiyezar9qcfg3t0] C:\DOCUME~1\Owner\LOCALS~1\Temp\rbbylu.exe
O4 - HKCU\..\Run: [qhofb5bpc1zvwaaexmv2eqx4xc] C:\DOCUME~1\Owner\LOCALS~1\Temp\sd7o4zp21r.exe
O4 - HKCU\..\Run: [bepumlo9qka3d7rqrcc8hqdjwujsahsrfqr] C:\DOCUME~1\Owner\LOCALS~1\Temp\p3ykig0etk.exe
O4 - HKCU\..\Run: [cnejyb6ynafpeqjn4swmt] C:\DOCUME~1\Owner\LOCALS~1\Temp\tf6do12c5j.exe
O4 - HKCU\..\Run: [f038bd8biwd] C:\DOCUME~1\Owner\LOCALS~1\Temp\x3o23e.exe
O4 - HKCU\..\Run: [iyowwrssch1] C:\DOCUME~1\Owner\LOCALS~1\Temp\d4l84a2qz3.exe
O4 - HKCU\..\Run: [njijfz0fg8fulo6vh4ck455hinto7dk1a1gvtlm] C:\DOCUME~1\Owner\LOCALS~1\Temp\g8m190.exe
O4 - HKCU\..\Run: [ptmiouyvp9y1g2kjzb25ufqsl2lldnafz4xy] C:\DOCUME~1\Owner\LOCALS~1\Temp\nikxkh5.exe
O4 - HKCU\..\Run: [ct06q89w89lii12] C:\DOCUME~1\Owner\LOCALS~1\Temp\xcba6ycc.exe
O4 - HKCU\..\Run: [dxz1150usto61f3oqrwdnspjl27rljuarob2yg] C:\DOCUME~1\Owner\LOCALS~1\Temp\ig48kbpkd0.exe
O4 - HKCU\..\Run: [r59has6jsv0zug8c] C:\DOCUME~1\Owner\LOCALS~1\Temp\arsss7.exe
O4 - HKCU\..\Run: [cqpzp546i1ohpgwgxxbccouilmxh7i123zdw4tx623jxrb7m4b] C:\DOCUME~1\Owner\LOCALS~1\Temp\d89a5p4q.exe
O4 - HKCU\..\Run: [yxgf3kpymc0b03vytxdci] C:\DOCUME~1\Owner\LOCALS~1\Temp\ixt4zhk05.exe
O4 - HKCU\..\Run: [bd6sy0mrn9pm] C:\DOCUME~1\Owner\LOCALS~1\Temp\tkq0dg.exe
O4 - HKCU\..\Run: [hkkuz9ifzq] C:\DOCUME~1\Owner\LOCALS~1\Temp\t0xr63isaoeg.exe
O4 - HKCU\..\Run: [ny774bw7j4fz9w90gp39b7a4vfffk9idk7mw6zixkdwuo41z4n] C:\DOCUME~1\Owner\LOCALS~1\Temp\cs0igxdc.exe
O4 - HKCU\..\Run: [edlim34jbt35iu4qfxsdehcdrhe] C:\DOCUME~1\Owner\LOCALS~1\Temp\wiuvt54aq.exe
O4 - HKCU\..\Run: [rcxcvw7x99sq] C:\DOCUME~1\Owner\LOCALS~1\Temp\frn6whd.exe
O4 - HKCU\..\Run: [sg3r3d6dnnkwjiae4w7crldcdor1ihm7t97cu9s6n7p] C:\DOCUME~1\Owner\LOCALS~1\Temp\qtnpjrfo.exe
O4 - HKCU\..\Run: [rj5cfmsm0p5iqh3mn8vq0n6j02dr518] C:\DOCUME~1\Owner\LOCALS~1\Temp\a9u9ylwi.exe
O4 - HKCU\..\Run: [abznzraa4mpozjv1] C:\DOCUME~1\Owner\LOCALS~1\Temp\p4o6v3cz.exe
O4 - HKCU\..\Run: [qjv35oi6xbv723fqkp9deidj8c9e0njitc4pwo24f] C:\DOCUME~1\Owner\LOCALS~1\Temp\b3p99u6.exe
O4 - HKCU\..\Run: [w5fvvk4wjv2or6a9seexehi6hlsa9frqzk] C:\DOCUME~1\Owner\LOCALS~1\Temp\qaek4z.exe
O4 - HKCU\..\Run: [v87d0yr34m40zpka9n1py750lsnpmqhxnhnsvh] C:\DOCUME~1\Owner\LOCALS~1\Temp\aw4vs0yecyy1.exe
O4 - HKCU\..\Run: [wf2544at5otn8suocjcci0tshgztve] C:\DOCUME~1\Owner\LOCALS~1\Temp\q49adqgwaaty.exe
O4 - HKCU\..\Run: [cml4x676kjoo] C:\DOCUME~1\Owner\LOCALS~1\Temp\en9swi5.exe
O4 - HKCU\..\Run: [trjqf0e73pkf] C:\DOCUME~1\Owner\LOCALS~1\Temp\teiobka81n.exe
O4 - HKCU\..\Run: [lv6ioiawblw05v4b4b0goxxjs7do6n2sb3hssapn1ekv3dpqb] C:\DOCUME~1\Owner\LOCALS~1\Temp\lczn1svxlzy.exe
O4 - HKCU\..\Run: [vmm16n6gg0nq2ejc49nu71dh19cr0y] C:\DOCUME~1\Owner\LOCALS~1\Temp\gikolagbd.exe
O4 - HKCU\..\Run: [xdwyfqmmbmi] C:\DOCUME~1\Owner\LOCALS~1\Temp\gku3tda9v7.exe
O4 - HKCU\..\Run: [tmj8tjefio560] C:\DOCUME~1\Owner\LOCALS~1\Temp\xguqgchr.exe
O4 - HKCU\..\Run: [bwn08bnugmz6kxk9m7] C:\DOCUME~1\Owner\LOCALS~1\Temp\wd1vwt4.exe
O4 - HKCU\..\Run: [cogad] "C:\Documents and Settings\Owner\Application Data\cogad\cogad.exe" 61A847B5BBF72813329D31466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [fj859nt9bm9hzfg2p7itn8hctqvm5xf3rfzruev] C:\DOCUME~1\Owner\LOCALS~1\Temp\i0osvfy76.exe
O4 - HKCU\..\Run: [idztkg3sylkowdax71vkie8gnt0diiqdwb96] C:\DOCUME~1\Owner\LOCALS~1\Temp\v8d7u0.exe
O4 - HKCU\..\Run: [acxupptdjewbgz7qdfxi9u8iik4p9jh0psazd90] C:\DOCUME~1\Owner\LOCALS~1\Temp\oep65c1.exe
O4 - HKCU\..\Run: [gzzffsvvf85a5ecka6rixyyi6hr0nrashdw] C:\DOCUME~1\Owner\LOCALS~1\Temp\ryftwi4.exe
O4 - HKCU\..\Run: [p1qs8wozhuy809xv7ctjagu3py7je2mho9] C:\DOCUME~1\Owner\LOCALS~1\Temp\cc3cmtu2cbw.exe
O4 - HKCU\..\Run: [gfp7sfoxrr] C:\DOCUME~1\Owner\LOCALS~1\Temp\rfmdp0xn9.exe
O4 - HKCU\..\Run: [c5n002t21pjoxzk1x5qe5u8tq9fdggkhp4gkq7gsxm7] C:\DOCUME~1\Owner\LOCALS~1\Temp\u4vkauji.exe
O4 - HKCU\..\Run: [zew782pfozd1v3ryh883z9rrluci0h0joeopoyas08lc7zv] C:\DOCUME~1\Owner\LOCALS~1\Temp\fne3g4lbh.exe
O4 - HKCU\..\Run: [n69wasr5hrz7xn517fayhp6c5ggpb3j91jsfble55vsjcm] C:\DOCUME~1\Owner\LOCALS~1\Temp\wez9e9g.exe
O4 - HKCU\..\Run: [u64oc0bvi6dv1rlyo3fejtg0laznq9twlphfepph1baouki] C:\DOCUME~1\Owner\LOCALS~1\Temp\lruunw078.exe
O4 - HKCU\..\Run: [k6ybzzpu94upahtupx12c9g] C:\DOCUME~1\Owner\LOCALS~1\Temp\lwhnrlqt.exe
O4 - HKCU\..\Run: [ikxeoi1me4] C:\DOCUME~1\Owner\LOCALS~1\Temp\dn8ywjksyiz.exe
O4 - HKCU\..\Run: [t7vyfzaewm9fdw4f5w3u6z5ipv1hxre8d] C:\DOCUME~1\Owner\LOCALS~1\Temp\n153kaqoj6.exe
O4 - HKCU\..\Run: [gt0x8l10iwmse6ie7um7fiy4rjgcuwl] C:\DOCUME~1\Owner\LOCALS~1\Temp\hymjzwl14oc1.exe
O4 - HKCU\..\Run: [q9wos6cd1xu51q8rcxo0qty2809ue5hiv] C:\DOCUME~1\Owner\LOCALS~1\Temp\gt05hd643u.exe
O4 - HKCU\..\Run: [gido7tdsmmeiqtgevi9itxleron75l6] C:\DOCUME~1\Owner\LOCALS~1\Temp\u5v8t3p.exe
O4 - HKCU\..\Run: [my2g2w4o9r8u7m2oksy1binz4rdpj5] C:\DOCUME~1\Owner\LOCALS~1\Temp\xplvoz6.exe
O4 - HKCU\..\Run: [j7751seccyxv7du7o94mngsj8wav] C:\DOCUME~1\Owner\LOCALS~1\Temp\yzqtfgqn.exe
O4 - HKCU\..\Run: [ar2pmy3ougefig95czc8yqmg1u3h8f] C:\DOCUME~1\Owner\LOCALS~1\Temp\begw1vjqr.exe
O4 - HKCU\..\Run: [f9pytm4pmbhaio8iayao5vcxk6tuii89soyujjp0xa4oj] C:\DOCUME~1\Owner\LOCALS~1\Temp\aed29c.exe
O4 - HKCU\..\Run: [pno89zwtxohg] C:\DOCUME~1\Owner\LOCALS~1\Temp\iuu1dp6dx.exe
O4 - HKCU\..\Run: [x39brjs8fna2kuz] C:\DOCUME~1\Owner\LOCALS~1\Temp\wbk45ekqmje.exe
O4 - HKCU\..\Run: [bdbpjpj25gapcmkkis805qyqxwm3i4w7dgvoka0pv6k7q7gqw] C:\DOCUME~1\Owner\LOCALS~1\Temp\jnswb7xd.exe
O4 - HKCU\..\Run: [pw5vpf0oxa8el] C:\DOCUME~1\Owner\LOCALS~1\Temp\tfnhqhfv.exe
O4 - HKCU\..\Run: [ac74e653a1] C:\DOCUME~1\Owner\LOCALS~1\Temp\o2w55k.exe
O4 - HKCU\..\Run: [vkmtlmvhdbudwin91p5xpccirla6dynnb] C:\DOCUME~1\Owner\LOCALS~1\Temp\qc4xo3a8zl.exe
O4 - HKCU\..\Run: [ej35eim0d9motvuorji4nd] C:\DOCUME~1\Owner\LOCALS~1\Temp\xg6inegnndm96.exe
O4 - HKCU\..\Run: [zm28d7bbdpn02bh2qtztd45efqsuxijm92pj1n0h2e964i2a] C:\DOCUME~1\Owner\LOCALS~1\Temp\ucuv2ua3.exe
O4 - HKCU\..\Run: [z3dbsfhunn66rs] C:\DOCUME~1\Owner\LOCALS~1\Temp\pjh1tm4.exe
O4 - HKCU\..\Run: [cfcpwejtyvlir] C:\DOCUME~1\Owner\LOCALS~1\Temp\s3qooil.exe
O4 - HKCU\..\Run: [fp8umyfol5xd1pqks6ha91i87gswcdx046lnhm] C:\DOCUME~1\Owner\LOCALS~1\Temp\zel9rv3h.exe
O4 - HKCU\..\Run: [o3zvxm8i2k2u604hv6h48dpu5gn3fxrb24auro8q2katm5] C:\DOCUME~1\Owner\LOCALS~1\Temp\o0eq13drb9su.exe
O4 - HKCU\..\Run: [xuufkr1whzen0n1xj3qd65qlnn4lztba33zt1s4g] C:\DOCUME~1\Owner\LOCALS~1\Temp\j6gu6olz.exe
O4 - HKCU\..\Run: [ohxtkbc016m0tqm0mgkvreran4rtigun4seb3i7txcmw] C:\DOCUME~1\Owner\LOCALS~1\Temp\yodio9tfw.exe
O4 - HKCU\..\Run: [yqwqkvogp4] C:\DOCUME~1\Owner\LOCALS~1\Temp\jqw1f99zk4.exe
O4 - HKCU\..\Run: [fizu0k6l8s0gat42z030npgr08s8t5vdlae] C:\DOCUME~1\Owner\LOCALS~1\Temp\m0rl0z.exe
O4 - HKCU\..\Run: [c0h6qhwxfvix7or2fd0hradugmr4z5p2g55kwnjkn] C:\DOCUME~1\Owner\LOCALS~1\Temp\ay5r26jw7s.exe
O4 - HKCU\..\Run: [v0v2u14yd2vn] C:\DOCUME~1\Owner\LOCALS~1\Temp\h27t1hpbgakg7.exe
O4 - HKCU\..\Run: [q4z8ps4crvd5uhqbe2pb1er7hysaovudc2qtm6n49a2rlo] C:\DOCUME~1\Owner\LOCALS~1\Temp\dievxjhut4.exe
O4 - HKCU\..\Run: [i6pac2b1hmax3c1ik4hahm1nppqeq96xgyfgj53kouefc9wep] C:\DOCUME~1\Owner\LOCALS~1\Temp\kwz3vsgklmt.exe
O4 - HKCU\..\Run: [e2xr3glmmz9529575iivn5ab1u7o] C:\DOCUME~1\Owner\LOCALS~1\Temp\ln41ms0cmgop.exe
O4 - HKCU\..\Run: [a5ppuh1zu0uznj3sjy4dndmf28] C:\DOCUME~1\Owner\LOCALS~1\Temp\c9do4f0mua6u0.exe
O4 - HKCU\..\Run: [efrpoe8zs9nj969nnlaql0jibhp81z5gud9sls] C:\DOCUME~1\Owner\LOCALS~1\Temp\hpx4m6cfahgbv.exe
O4 - HKCU\..\Run: [ubbbzpbj2nqthuzh269htdootorpn5d0jilthmdt6ijemxzp9] C:\DOCUME~1\Owner\LOCALS~1\Temp\iz22dn.exe
O4 - HKCU\..\Run: [jcivfsp3mmnj] C:\DOCUME~1\Owner\LOCALS~1\Temp\s1sqywvp65.exe
O4 - HKCU\..\Run: [zb2ghamaiptudpbw5vrd4fnqhet3y7j] C:\DOCUME~1\Owner\LOCALS~1\Temp\txg8fuke7i.exe
O4 - HKCU\..\Run: [hhbitzasfkmpqqkgom46h0fa8s4wpkn0] C:\DOCUME~1\Owner\LOCALS~1\Temp\z51vqpd.exe
O4 - HKCU\..\Run: [dofhjsvvffbh0b1ff3734tsyngjyzged8mdeiu88glk6] C:\DOCUME~1\Owner\LOCALS~1\Temp\rn8zfb.exe
O4 - HKCU\..\Run: [a6zpsz5hbmpq3hljr0xs6ae67bwz0b1cyw6zxvd5f] C:\DOCUME~1\Owner\LOCALS~1\Temp\h9ubr1m.exe
O4 - HKCU\..\Run: [hfv26hse0y91dgf3h3tr4j7xbk0]
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
