Show Posts
1
Tech Clinic / :( Please help me - clicksearchclick :(
« on: May 25, 2005, 07:51:22 AM »
Thanks for reading...please help me free my laptop...I promise never to let random people use it again
Logfile of HijackThis v1.99.1
Scan saved at 7:22:51 AM, on 5/25/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINDOWS\System32\Services\{C6823DF1-7400-42D9-B099-8C80DCF39406}\SVCHOST.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Plaxo\2.1.0.80\InstallStub.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\RoamMgr.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Intel\Switching\User\RoamSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Intuit\QuickBooks Pro\qbw32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\axlBridge.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://abcsearch4u.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://abcsearch4u.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clicksearchclick.com/index.php?aff=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://abcsearch4u.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://abcsearch4u.com/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_0/home.html"); (C:\Documents and Settings\G\Application Data\Mozilla\Profiles\default\7ggkcpyt.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\G\Application Data\Mozilla\Profiles\default\7ggkcpyt.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{C6823DF1-7400-42D9-B099-8C80DCF39406}\SVCHOST.EXE
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{C6823DF1-7400-42D9-B099-8C80DCF39406}\SECURITY.EXE
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.1.0.80\InstallStub.exe -a
O4 - HKCU\..\Run: [pqpqasn] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [fudafmw] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [nhrslgq] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [oiquyow] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [xypvaup] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [dbvvhpr] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [fqmnsme] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [bfbxqep] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [odkmxuo] c:\windows\nvijmnm.exe
O4 - HKCU\..\Run: [paujdyc] c:\windows\nvijmnm.exe
O4 - HKCU\..\Run: [dwgxetl] c:\windows\nvijmnm.exe
O4 - HKCU\..\Run: [iphbcsj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [savdtyy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ruigtcq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ftasfwk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qybakxx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uhnwtgm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ylipuxv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vdihoov] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [stwjxsd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rjppfmy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nutvhga] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mftdjgl] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ipqixcb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jvykufe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [tcmmfpg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jlepaex] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [anciwve] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ystrmip] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [fcwrykg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yqvkmiu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [srmxusu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ahvgjtf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mdpqhss] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xnaunam] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [fwygxum] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [clentgp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [fqyjdxy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [aofslsv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [npyyqjm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vuguaun] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yvfiria] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [cnwbeqr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ggutpmc] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [daqjotj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gkehgai] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bfmscme] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hgxcoth] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [osiqtep] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [limrfge] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rfjbbcd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xkivhby] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vdcmvne] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [piisxmb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rntredp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [oxgelym] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lqeiypw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [otmotwa] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qfodauk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wsjvtud] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rrliyaa] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vgcrxyh] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [teonhpi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rlhjscj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nhaolxn] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lgxsklq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bscextr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [txbipho] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qtpipsq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yxvccsu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [clcoxhr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ybnilnf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [joadiui] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lsjtjtw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [csaqlhd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [agvhygk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ltmbxcp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ievrkrv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [slwvnbk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [njuulwh] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gshufwb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jhdaxlx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [euaofhh] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xhkbrop] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lcbcjmf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rqxbcod] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vxdajei] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [loecbxy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [cdeoyvb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nugspso] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [skfpryb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vfrdfmi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [oohevgm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gbvnlry] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uimdpmr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qgxrhqn] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [khuiaeo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kepxaqb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kohxfck] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vowopgp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kbecqrg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nabjwfc] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [atdahex] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ylskuhi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kalgbko] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [chtnwve] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bykicws] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ykmpqmo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hqrrmbe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mcuoyvu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bfsxkvt] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [drknyes] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [whikfbs] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xwdfetf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mehdmxq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [dehurvi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [asuwjmm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lucbmex] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [sdmuvsf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uwcmqxe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hgtcxmo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rstnwkb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vhdijky] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [etfesjb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [evqtsel] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [cqqlggu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vudcgim] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kldemky] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [thbofdj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ooqvgpy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hfqjtuv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [tqpwlfv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wreimfv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [obaihcg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lgwvird] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kfhsrop] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [abkfhgd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [cakhnvv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [endkles] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [moaodqw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bfmuvrk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kjmbsgr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [sdnrpix] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bnjqdpl] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lhfmvfp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [frlyfjb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ymhbexg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wwecsik] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bnrlkon] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lxetvax] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yuhvldx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nequiay] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bxuyyek] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [geyrxbl] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hbkomaj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ghftuyo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yatpguj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ycvncjj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [pjaceml] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [whohjhp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nhmgdju] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [axycjml] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wyhuxtf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [waldoop] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ofypsjw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rbdebcy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [fpxuygc] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [dqupdjv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [dqrbexx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mndsmya] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [sngdwbi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yqmbwgs] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gvhaqcu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qaihjnc] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [navwxsp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [chkpyfe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wsschxo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ihyxhnm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [txbnqck] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nifthle] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ywxifuq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [icqlxur] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ksexbqg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mupjybd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ifbgflk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [iqtuwwv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gwcpjpk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lptwwrg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lmbfyhq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nlxystg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vsryegh] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yfwkwhe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [realwmu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uxmjrmp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mxflcuq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qlnfmtf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xatkyht] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mduyvwr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [antradj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bbbnbqw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uucstyx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lkxlbjr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xhttuiq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [tjeymri] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jbirmku] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wdtlqlo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [emhjhlm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [efetkvu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gnsequp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jhrrplp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [etqwife] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [csptbyv] c:\windows\wnsulol.exe
O4 - HKCU\..\Run: [rfyhnfj] c:\windows\wnsulol.exe
O4 - HKCU\..\Run: [tmktqyr] c:\windows\wnsulol.exe
O4 - HKCU\..\Run: [uhmugxh] c:\windows\epchyxa.exe
O4 - HKCU\..\Run: [hacaami] c:\windows\epchyxa.exe
O4 - HKCU\..\Run: [srahcyp] c:\windows\epchyxa.exe
O4 - HKCU\..\Run: [jddtran] c:\windows\epchyxa.exe
O4 - HKCU\..\Run: [vbkeomr] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [ygjalkk] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [pnfkecr] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [scestoh] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [vccxbtv] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [hxtmual] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [ikisrmd] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [cxrduys] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [wgaajie] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [qgndnfr] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [wenvbvy] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [kuqwadm] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [vtixsgi] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [wxykvml] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [koclxdy] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [wvmurln] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [ppcxalv] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [flobfjl] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [mebgwow] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [uhepyea] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [cnanflu] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [xxskkdn] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [ocxjnon] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [xkamxic] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [rydthmo] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [auobssi] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [hlxkiux] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [nnwifjn] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [gdmfyxs] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [hmwpjpa] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [eegthvs] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [yjvdggn] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [luyaofa] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ahohqos] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [tffbgsh] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ppdbrss] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [uhnyuch] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [nyrskcd] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ucktrxn] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ptktahu] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [idrugsa] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [nyieobb] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [drlhxct] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [tblwkyh] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [rqsmfkc] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ijvxbcr] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [phiubva] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [pwrfqcu] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [bxxpvim] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [thonaoh] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [eevuykj] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [hwquexs] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [yhglyxm] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ltbvpcm] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [qecafjs] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [jfhewhp] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [odmhbch] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ikpkaet] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [tnvqujx] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [amoreik] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [dkakcji] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [wypohbu] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ymyrnqk] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [sjtkuhf] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [hnympwu] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [aeepkhb] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [nabclwl] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [lhapyaj] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [xytrpbb] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [vkhxfka] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [klorewt] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [jerraqf] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [axptldy] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [tgnjctw] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [chmtndw] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [vavqnoj] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [qbwmvdn] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [mhjfjbv] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [rtrauon] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [mrrahtd] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [wbolrdd] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [rvnnsal] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [vpisiie] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [xnycfrb] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [wortdje] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [mmjgasb] c:\windows\ikglgic.exe
O4 - HKCU\..\Run: [pqtcbvl] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [xkjopgl] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [vsmlffl] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [ujjqiqd] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [dfijhcm] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [cvqjffn] c:\windows\tutuocl.exe
O4 - HKCU\..\Run: [gthtnah] c:\windows\tutuocl.exe
O4 - HKCU\..\Run: [bxlubep] c:\windows\tutuocl.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/128985-NZIL/PhPSetup.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab
O16 - DPF: {8CE3BAE6-AB66-40B6-9019-41E5282FF1E2} (QuickBooks Online Edition Utilities Class v8) - https://accounting.quickbooks.com/v12.280/qboax8.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D92D7607-05D9-4DD8-B68B-D458948FB883} (QuickBooks Online Edition Utilities Class v7) - https://accounting.quickbooks.com/v11.271/qboax7.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Adapter Switching (IntelRoam) - Intel Corporation - C:\Program Files\Intel\Switching\User\RoamSvc.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: RoamMgr - Intel Corporation - C:\WINDOWS\System32\RoamMgr.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Logfile of HijackThis v1.99.1
Scan saved at 7:22:51 AM, on 5/25/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINDOWS\System32\Services\{C6823DF1-7400-42D9-B099-8C80DCF39406}\SVCHOST.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Plaxo\2.1.0.80\InstallStub.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\RoamMgr.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Intel\Switching\User\RoamSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Intuit\QuickBooks Pro\qbw32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\axlBridge.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://abcsearch4u.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://abcsearch4u.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clicksearchclick.com/index.php?aff=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://abcsearch4u.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://abcsearch4u.com/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_0/home.html"); (C:\Documents and Settings\G\Application Data\Mozilla\Profiles\default\7ggkcpyt.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\G\Application Data\Mozilla\Profiles\default\7ggkcpyt.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_16_0.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{C6823DF1-7400-42D9-B099-8C80DCF39406}\SVCHOST.EXE
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{C6823DF1-7400-42D9-B099-8C80DCF39406}\SECURITY.EXE
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.1.0.80\InstallStub.exe -a
O4 - HKCU\..\Run: [pqpqasn] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [fudafmw] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [nhrslgq] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [oiquyow] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [xypvaup] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [dbvvhpr] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [fqmnsme] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [bfbxqep] c:\windows\pixtadm.exe
O4 - HKCU\..\Run: [odkmxuo] c:\windows\nvijmnm.exe
O4 - HKCU\..\Run: [paujdyc] c:\windows\nvijmnm.exe
O4 - HKCU\..\Run: [dwgxetl] c:\windows\nvijmnm.exe
O4 - HKCU\..\Run: [iphbcsj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [savdtyy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ruigtcq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ftasfwk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qybakxx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uhnwtgm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ylipuxv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vdihoov] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [stwjxsd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rjppfmy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nutvhga] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mftdjgl] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ipqixcb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jvykufe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [tcmmfpg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jlepaex] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [anciwve] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ystrmip] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [fcwrykg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yqvkmiu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [srmxusu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ahvgjtf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mdpqhss] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xnaunam] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [fwygxum] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [clentgp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [fqyjdxy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [aofslsv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [npyyqjm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vuguaun] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yvfiria] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [cnwbeqr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ggutpmc] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [daqjotj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gkehgai] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bfmscme] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hgxcoth] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [osiqtep] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [limrfge] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rfjbbcd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xkivhby] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vdcmvne] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [piisxmb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rntredp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [oxgelym] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lqeiypw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [otmotwa] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qfodauk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wsjvtud] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rrliyaa] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vgcrxyh] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [teonhpi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rlhjscj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nhaolxn] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lgxsklq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bscextr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [txbipho] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qtpipsq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yxvccsu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [clcoxhr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ybnilnf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [joadiui] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lsjtjtw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [csaqlhd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [agvhygk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ltmbxcp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ievrkrv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [slwvnbk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [njuulwh] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gshufwb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jhdaxlx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [euaofhh] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xhkbrop] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lcbcjmf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rqxbcod] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vxdajei] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [loecbxy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [cdeoyvb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nugspso] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [skfpryb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vfrdfmi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [oohevgm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gbvnlry] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uimdpmr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qgxrhqn] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [khuiaeo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kepxaqb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kohxfck] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vowopgp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kbecqrg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nabjwfc] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [atdahex] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ylskuhi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kalgbko] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [chtnwve] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bykicws] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ykmpqmo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hqrrmbe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mcuoyvu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bfsxkvt] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [drknyes] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [whikfbs] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xwdfetf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mehdmxq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [dehurvi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [asuwjmm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lucbmex] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [sdmuvsf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uwcmqxe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hgtcxmo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rstnwkb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vhdijky] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [etfesjb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [evqtsel] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [cqqlggu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vudcgim] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kldemky] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [thbofdj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ooqvgpy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hfqjtuv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [tqpwlfv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wreimfv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [obaihcg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lgwvird] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kfhsrop] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [abkfhgd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [cakhnvv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [endkles] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [moaodqw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bfmuvrk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [kjmbsgr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [sdnrpix] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bnjqdpl] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lhfmvfp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [frlyfjb] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ymhbexg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wwecsik] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bnrlkon] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lxetvax] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yuhvldx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nequiay] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bxuyyek] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [geyrxbl] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [hbkomaj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ghftuyo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yatpguj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ycvncjj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [pjaceml] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [whohjhp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nhmgdju] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [axycjml] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wyhuxtf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [waldoop] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ofypsjw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [rbdebcy] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [fpxuygc] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [dqupdjv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [dqrbexx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mndsmya] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [sngdwbi] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yqmbwgs] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gvhaqcu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qaihjnc] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [navwxsp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [chkpyfe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wsschxo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ihyxhnm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [txbnqck] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nifthle] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ywxifuq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [icqlxur] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ksexbqg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mupjybd] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [ifbgflk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [iqtuwwv] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gwcpjpk] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lptwwrg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lmbfyhq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [nlxystg] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [vsryegh] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [yfwkwhe] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [realwmu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uxmjrmp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mxflcuq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [qlnfmtf] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xatkyht] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [mduyvwr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [antradj] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [bbbnbqw] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [uucstyx] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [lkxlbjr] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [xhttuiq] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [tjeymri] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jbirmku] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [wdtlqlo] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [emhjhlm] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [efetkvu] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [gnsequp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [jhrrplp] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [etqwife] c:\windows\pncfuai.exe
O4 - HKCU\..\Run: [csptbyv] c:\windows\wnsulol.exe
O4 - HKCU\..\Run: [rfyhnfj] c:\windows\wnsulol.exe
O4 - HKCU\..\Run: [tmktqyr] c:\windows\wnsulol.exe
O4 - HKCU\..\Run: [uhmugxh] c:\windows\epchyxa.exe
O4 - HKCU\..\Run: [hacaami] c:\windows\epchyxa.exe
O4 - HKCU\..\Run: [srahcyp] c:\windows\epchyxa.exe
O4 - HKCU\..\Run: [jddtran] c:\windows\epchyxa.exe
O4 - HKCU\..\Run: [vbkeomr] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [ygjalkk] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [pnfkecr] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [scestoh] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [vccxbtv] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [hxtmual] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [ikisrmd] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [cxrduys] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [wgaajie] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [qgndnfr] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [wenvbvy] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [kuqwadm] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [vtixsgi] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [wxykvml] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [koclxdy] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [wvmurln] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [ppcxalv] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [flobfjl] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [mebgwow] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [uhepyea] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [cnanflu] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [xxskkdn] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [ocxjnon] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [xkamxic] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [rydthmo] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [auobssi] c:\windows\cdmomsy.exe
O4 - HKCU\..\Run: [hlxkiux] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [nnwifjn] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [gdmfyxs] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [hmwpjpa] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [eegthvs] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [yjvdggn] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [luyaofa] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ahohqos] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [tffbgsh] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ppdbrss] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [uhnyuch] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [nyrskcd] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ucktrxn] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ptktahu] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [idrugsa] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [nyieobb] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [drlhxct] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [tblwkyh] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [rqsmfkc] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ijvxbcr] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [phiubva] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [pwrfqcu] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [bxxpvim] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [thonaoh] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [eevuykj] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [hwquexs] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [yhglyxm] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ltbvpcm] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [qecafjs] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [jfhewhp] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [odmhbch] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ikpkaet] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [tnvqujx] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [amoreik] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [dkakcji] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [wypohbu] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [ymyrnqk] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [sjtkuhf] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [hnympwu] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [aeepkhb] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [nabclwl] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [lhapyaj] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [xytrpbb] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [vkhxfka] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [klorewt] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [jerraqf] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [axptldy] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [tgnjctw] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [chmtndw] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [vavqnoj] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [qbwmvdn] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [mhjfjbv] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [rtrauon] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [mrrahtd] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [wbolrdd] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [rvnnsal] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [vpisiie] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [xnycfrb] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [wortdje] c:\windows\aqwqsax.exe
O4 - HKCU\..\Run: [mmjgasb] c:\windows\ikglgic.exe
O4 - HKCU\..\Run: [pqtcbvl] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [xkjopgl] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [vsmlffl] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [ujjqiqd] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [dfijhcm] c:\windows\wnkjuvj.exe
O4 - HKCU\..\Run: [cvqjffn] c:\windows\tutuocl.exe
O4 - HKCU\..\Run: [gthtnah] c:\windows\tutuocl.exe
O4 - HKCU\..\Run: [bxlubep] c:\windows\tutuocl.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/128985-NZIL/PhPSetup.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab
O16 - DPF: {8CE3BAE6-AB66-40B6-9019-41E5282FF1E2} (QuickBooks Online Edition Utilities Class v8) - https://accounting.quickbooks.com/v12.280/qboax8.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D92D7607-05D9-4DD8-B68B-D458948FB883} (QuickBooks Online Edition Utilities Class v7) - https://accounting.quickbooks.com/v11.271/qboax7.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Adapter Switching (IntelRoam) - Intel Corporation - C:\Program Files\Intel\Switching\User\RoamSvc.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: RoamMgr - Intel Corporation - C:\WINDOWS\System32\RoamMgr.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe