1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Need some help with a HJT log

Discussion in 'Malware and Virus Removal Archive' started by BillB, 2006/03/09.

  1. 2006/03/09
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    I'm trying to clean up my sister-in-law's PC, and what a mess it is. I've run Spybot, Adaware, and AVG and they have cleaned up quite a lot of stuff. However, I think there is a lot to be done yet. If someone could have a look at the Hijackthis log and let me know what needs to be done I would appreciate it.

    Logfile of HijackThis v1.99.1
    Scan saved at 12:42:48 AM, on 3/9/06
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v5.00 (5.00.2614.3500)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
    C:\PROGRAM FILES\ICQ\NDETECT.EXE
    C:\WINDOWS\SYSTEM\IRYQFXQD.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SSHS\NETDDE.EXE
    C:\AMERICA ONLINE 5.0\AOLTRAY.EXE
    C:\PROGRAM FILES\DIAMOND\INCONTROL TOOLS 95\DMHKEY.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\MSOFFICE.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\TMP\HIJACKTHIS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://delspysoft.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://delspysoft.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
    O2 - BHO: (no name) - {F7518341-8CF9-11D9-BADB-000CE0630ECA} - C:\WINDOWS\SYSTEM\AAB.DLL (file missing)
    O2 - BHO: (no name) - {0F9561D0-03B2-44a3-89A6-E95E417CBA25} - C:\WINDOWS\CERBMOD.DLL (file missing)
    O2 - BHO: (no name) - {22E76E50-80ED-D431-C46A-D97835BEC8CB} - C:\WINDOWS\SYSTEM\NQGGGOH.DLL
    O2 - BHO: (no name) - {74E63556-86BC-DC66-C46A-D97835BEC8C8} - C:\WINDOWS\SYSTEM\NQGGGOH.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
    O4 - HKLM\..\Run: [Jro] C:\WINDOWS\SYSTEM\Nns.exe
    O4 - HKLM\..\Run: [Ajk] C:\WINDOWS\SYSTEM\Sla.exe
    O4 - HKLM\..\Run: [Qkk] C:\WINDOWS\SYSTEM\Vfe.exe
    O4 - HKLM\..\Run: [Vlc] C:\WINDOWS\SYSTEM\Jle.exe
    O4 - HKLM\..\Run: [Nfp] C:\WINDOWS\Paf.exe
    O4 - HKLM\..\Run: [Umk] C:\WINDOWS\SYSTEM\Tjv.exe
    O4 - HKLM\..\Run: [version] C:\WINDOWS\SYSTEM\VNXSNZ.exe
    O4 - HKLM\..\Run: [secure] C:\WINDOWS\SYSTEM\ATGNYK.exe
    O4 - HKLM\..\Run: [Ltk] C:\WINDOWS\SYSTEM\Msk.exe
    O4 - HKLM\..\Run: [Qtu] C:\WINDOWS\Qhg.exe
    O4 - HKLM\..\Run: [Ldj] C:\WINDOWS\SYSTEM\Bkq.exe
    O4 - HKLM\..\Run: [Dnp] C:\WINDOWS\Itj.exe
    O4 - HKLM\..\Run: [Qod] C:\WINDOWS\SYSTEM\Gcp.exe
    O4 - HKLM\..\Run: [Lhq] C:\WINDOWS\SYSTEM\Tft.exe
    O4 - HKLM\..\Run: [Aqs] C:\WINDOWS\SYSTEM\Vsn.exe
    O4 - HKLM\..\Run: [Kes] C:\WINDOWS\Aim.exe
    O4 - HKLM\..\Run: [Lul] C:\WINDOWS\Oml.exe
    O4 - HKLM\..\Run: [Idf] C:\WINDOWS\SYSTEM\Drn.exe
    O4 - HKLM\..\Run: [Qiv] C:\WINDOWS\Bve.exe
    O4 - HKLM\..\Run: [Cqv] C:\WINDOWS\Lft.exe
    O4 - HKLM\..\Run: [Iif] C:\WINDOWS\Evp.exe
    O4 - HKLM\..\Run: [Flg] C:\WINDOWS\SYSTEM\Nao.exe
    O4 - HKLM\..\Run: [Fmk] C:\WINDOWS\Oma.exe
    O4 - HKLM\..\Run: [Lku] C:\WINDOWS\Sno.exe
    O4 - HKLM\..\Run: [Dut] C:\WINDOWS\SYSTEM\Oud.exe
    O4 - HKLM\..\Run: [Pkf] C:\WINDOWS\Saj.exe
    O4 - HKLM\..\Run: [Ikf] C:\WINDOWS\SYSTEM\Ejp.exe
    O4 - HKLM\..\Run: [Cvp] C:\WINDOWS\Svd.exe
    O4 - HKLM\..\Run: [Aht] C:\WINDOWS\SYSTEM\Qno.exe
    O4 - HKLM\..\Run: [Sgj] C:\WINDOWS\SYSTEM\Dun.exe
    O4 - HKLM\..\Run: [Ukg] C:\WINDOWS\SYSTEM\Ufd.exe
    O4 - HKLM\..\Run: [Opt] C:\WINDOWS\SYSTEM\Krc.exe
    O4 - HKLM\..\Run: [Gvb] C:\WINDOWS\SYSTEM\Qrh.exe
    O4 - HKLM\..\Run: [Avf] C:\WINDOWS\SYSTEM\Hnn.exe
    O4 - HKLM\..\Run: [Mim] C:\WINDOWS\SYSTEM\Hjf.exe
    O4 - HKLM\..\Run: [Qqb] C:\WINDOWS\Qvn.exe
    O4 - HKLM\..\Run: [Lmi] C:\WINDOWS\SYSTEM\Nqv.exe
    O4 - HKLM\..\Run: [Obc] C:\WINDOWS\SYSTEM\Utd.exe
    O4 - HKLM\..\Run: [Pcs] C:\WINDOWS\Keh.exe
    O4 - HKLM\..\Run: [Osv] C:\WINDOWS\Tqj.exe
    O4 - HKLM\..\Run: [Ajd] C:\WINDOWS\Tbs.exe
    O4 - HKLM\..\Run: [Ldt] C:\WINDOWS\SYSTEM\Nrd.exe
    O4 - HKLM\..\Run: [Sdm] C:\WINDOWS\SYSTEM\Tsn.exe
    O4 - HKLM\..\Run: [Jph] C:\WINDOWS\SYSTEM\Msi.exe
    O4 - HKLM\..\Run: [Ttl] C:\WINDOWS\Ljj.exe
    O4 - HKLM\..\Run: [Nvf] C:\WINDOWS\Ujs.exe
    O4 - HKLM\..\Run: [Vgh] C:\WINDOWS\Jph.exe
    O4 - HKLM\..\Run: [Ttk] C:\WINDOWS\SYSTEM\Gkm.exe
    O4 - HKLM\..\Run: [Dor] C:\WINDOWS\Qhi.exe
    O4 - HKLM\..\Run: [Rdq] C:\WINDOWS\SYSTEM\Qdh.exe
    O4 - HKLM\..\Run: [Pns] C:\WINDOWS\Ppu.exe
    O4 - HKLM\..\Run: [Jki] C:\WINDOWS\Vjl.exe
    O4 - HKLM\..\Run: [Cdycd] C:\PROGRAM FILES\MOGTETY\EOKYYC.EXE
    O4 - HKLM\..\Run: [Jsc] C:\WINDOWS\SYSTEM\Dmg.exe
    O4 - HKLM\..\Run: [Qjl] C:\WINDOWS\Gvv.exe
    O4 - HKLM\..\Run: [Klr] C:\WINDOWS\Cdl.exe
    O4 - HKLM\..\Run: [Vei] C:\WINDOWS\SYSTEM\Nal.exe
    O4 - HKLM\..\Run: [Muk] C:\WINDOWS\SYSTEM\Nfg.exe
    O4 - HKLM\..\Run: [Krj] C:\WINDOWS\Rgt.exe
    O4 - HKLM\..\Run: [Bnm] C:\WINDOWS\SYSTEM\Kfq.exe
    O4 - HKLM\..\Run: [Qch] C:\WINDOWS\SYSTEM\Poa.exe
    O4 - HKLM\..\Run: [Eib] C:\WINDOWS\Cqn.exe
    O4 - HKLM\..\Run: [Kig] C:\WINDOWS\SYSTEM\Nrp.exe
    O4 - HKLM\..\Run: [Jif] C:\WINDOWS\SYSTEM\Gcp.exe
    O4 - HKLM\..\Run: [Ilr] C:\WINDOWS\Qbe.exe
    O4 - HKLM\..\Run: [Tpd] C:\WINDOWS\SYSTEM\Dsn.exe
    O4 - HKLM\..\Run: [Plu] C:\WINDOWS\Evp.exe
    O4 - HKLM\..\Run: [Nqh] C:\WINDOWS\SYSTEM\Rvm.exe
    O4 - HKLM\..\Run: [Abs] C:\WINDOWS\SYSTEM\Kap.exe
    O4 - HKLM\..\Run: [LHigVTnGb] C:\LCECHR.EXE
    O4 - HKLM\..\Run: [Uvc] C:\WINDOWS\Fck.exe
    O4 - HKLM\..\Run: [Dcj] C:\WINDOWS\SYSTEM\Oem.exe
    O4 - HKLM\..\Run: [Ehs] C:\WINDOWS\Efv.exe
    O4 - HKLM\..\Run: [Uno] C:\WINDOWS\Oal.exe
    O4 - HKLM\..\Run: [Uri] C:\WINDOWS\SYSTEM\Qkm.exe
    O4 - HKLM\..\Run: [Kvt] C:\WINDOWS\Bdk.exe
    O4 - HKLM\..\Run: [Rss] C:\WINDOWS\SYSTEM\Jvl.exe
    O4 - HKLM\..\Run: [Atc] C:\WINDOWS\SYSTEM\Omo.exe
    O4 - HKLM\..\Run: [LHigV÷h$vùõš/‚²â€˜Ã†ßC:\Program Files\ISTsvc\istsvc.exe] C:\LCECHR.EXE
    O4 - HKLM\..\Run: [Pou] C:\WINDOWS\SYSTEM\Que.exe
    O4 - HKLM\..\Run: [Snd] C:\WINDOWS\SYSTEM\Llu.exe
    O4 - HKLM\..\Run: [Lna] C:\WINDOWS\SYSTEM\Bri.exe
    O4 - HKLM\..\Run: [Kdl] C:\WINDOWS\Ice.exe
    O4 - HKLM\..\Run: [Vdc] C:\WINDOWS\Bgn.exe
    O4 - HKLM\..\Run: [Ctu] C:\WINDOWS\SYSTEM\Vnv.exe
    O4 - HKLM\..\Run: [Ivp] C:\WINDOWS\SYSTEM\Gja.exe
    O4 - HKLM\..\Run: [Vso] C:\WINDOWS\Rsd.exe
    O4 - HKLM\..\Run: [Tme] C:\WINDOWS\SYSTEM\Otl.exe
    O4 - HKLM\..\Run: [Vtf] C:\WINDOWS\SYSTEM\Eue.exe
    O4 - HKLM\..\Run: [Jlg] C:\WINDOWS\SYSTEM\Oos.exe
    O4 - HKLM\..\Run: [Gnm] C:\WINDOWS\Edu.exe
    O4 - HKLM\..\Run: [Tnu] C:\WINDOWS\SYSTEM\Qnk.exe
    O4 - HKLM\..\Run: [Pmv] C:\WINDOWS\SYSTEM\Jem.exe
    O4 - HKLM\..\Run: [Mom] C:\WINDOWS\Mdl.exe
    O4 - HKLM\..\Run: [Dus] C:\WINDOWS\SYSTEM\Jjb.exe
    O4 - HKLM\..\Run: [Kkc] C:\WINDOWS\Ien.exe
    O4 - HKLM\..\Run: [Ojh] C:\WINDOWS\SYSTEM\Hcp.exe
    O4 - HKLM\..\Run: [Ggk] C:\WINDOWS\Jgt.exe
    O4 - HKLM\..\Run: [Vkd] C:\WINDOWS\Qdt.exe
    O4 - HKLM\..\Run: [Kor] C:\WINDOWS\SYSTEM\Bch.exe
    O4 - HKLM\..\Run: [Ikm] C:\WINDOWS\SYSTEM\Tmu.exe
    O4 - HKLM\..\Run: [Cre] C:\WINDOWS\SYSTEM\Ask.exe
    O4 - HKLM\..\Run: [Cmq] C:\WINDOWS\Ugt.exe
    O4 - HKLM\..\Run: [Hhu] C:\WINDOWS\SYSTEM\Faj.exe
    O4 - HKLM\..\Run: [Vjb] C:\WINDOWS\SYSTEM\Lqt.exe
    O4 - HKLM\..\Run: [Rpm] C:\WINDOWS\Tsj.exe
    O4 - HKLM\..\Run: [Lus] C:\WINDOWS\SYSTEM\Otu.exe
    O4 - HKLM\..\Run: [Tkn] C:\WINDOWS\Gro.exe
    O4 - HKLM\..\Run: [Ivc] C:\WINDOWS\Uff.exe
    O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
    O4 - HKLM\..\Run: [Kbr] C:\WINDOWS\Vnb.exe
    O4 - HKLM\..\Run: [Pfa] C:\WINDOWS\SYSTEM\Nrd.exe
    O4 - HKLM\..\Run: [Gdq] C:\WINDOWS\Fuf.exe
    O4 - HKLM\..\Run: [Csl] C:\WINDOWS\Ilk.exe
    O4 - HKLM\..\Run: [Ijm] C:\WINDOWS\SYSTEM\Phr.exe
    O4 - HKLM\..\Run: [Jag] C:\WINDOWS\SYSTEM\Jsu.exe
    O4 - HKLM\..\Run: [Dmo] C:\WINDOWS\SYSTEM\Knh.exe
    O4 - HKLM\..\Run: [Jrm] C:\WINDOWS\SYSTEM\Lud.exe
    O4 - HKLM\..\Run: [Bjv] C:\WINDOWS\Dcc.exe
    O4 - HKLM\..\Run: [Gjg] C:\WINDOWS\SYSTEM\Iil.exe
    O4 - HKLM\..\Run: [Nbe] C:\WINDOWS\SYSTEM\Qac.exe
    O4 - HKLM\..\Run: [Ksb] C:\WINDOWS\Uhh.exe
    O4 - HKLM\..\Run: [Bka] C:\WINDOWS\SYSTEM\Kfk.exe
    O4 - HKLM\..\Run: [Mtt] C:\WINDOWS\SYSTEM\Qiq.exe
    O4 - HKLM\..\Run: [Fev] C:\WINDOWS\Qlq.exe
    O4 - HKLM\..\Run: [Ifh] C:\WINDOWS\SYSTEM\Ibj.exe
    O4 - HKLM\..\Run: [Qqe] C:\WINDOWS\Jhj.exe
    O4 - HKLM\..\Run: [Scq] C:\WINDOWS\Ned.exe
    O4 - HKLM\..\Run: [Jgi] C:\WINDOWS\SYSTEM\Mej.exe
    O4 - HKLM\..\Run: [Uqs] C:\WINDOWS\SYSTEM\Lpi.exe
    O4 - HKLM\..\Run: [Tra] C:\WINDOWS\SYSTEM\Kkc.exe
    O4 - HKLM\..\Run: [Keo] C:\WINDOWS\Hdo.exe
    O4 - HKLM\..\Run: [Eqh] C:\WINDOWS\Ora.exe
    O4 - HKLM\..\Run: [Ung] C:\WINDOWS\SYSTEM\Tsd.exe
    O4 - HKLM\..\Run: [Bkb] C:\WINDOWS\SYSTEM\Pqv.exe
    O4 - HKLM\..\Run: [Vmd] C:\WINDOWS\SYSTEM\Bhc.exe
    O4 - HKLM\..\Run: [Dap] C:\WINDOWS\Kak.exe
    O4 - HKLM\..\Run: [Qdk] C:\WINDOWS\SYSTEM\Mkl.exe
    O4 - HKLM\..\Run: [Sgm] C:\WINDOWS\Fcu.exe
    O4 - HKLM\..\Run: [Eav] C:\WINDOWS\Hhe.exe
    O4 - HKLM\..\Run: [Tlq] C:\WINDOWS\Umu.exe
    O4 - HKLM\..\Run: [Qfs] C:\WINDOWS\Roa.exe
    O4 - HKLM\..\Run: [Jou] C:\WINDOWS\SYSTEM\Pna.exe
    O4 - HKLM\..\Run: [Iod] C:\WINDOWS\Ujo.exe
    O4 - HKLM\..\Run: [Vur] C:\WINDOWS\SYSTEM\Kpo.exe
    O4 - HKLM\..\Run: [Gfc] C:\WINDOWS\SYSTEM\Trq.exe
    O4 - HKLM\..\Run: [Lod] C:\WINDOWS\Gjc.exe
    O4 - HKLM\..\Run: [Dvb] C:\WINDOWS\SYSTEM\Hfu.exe
    O4 - HKLM\..\Run: [Vhu] C:\WINDOWS\SYSTEM\Btu.exe
    O4 - HKLM\..\Run: [Hed] C:\WINDOWS\SYSTEM\Sth.exe
    O4 - HKLM\..\Run: [Vlr] C:\WINDOWS\SYSTEM\Pti.exe
    O4 - HKLM\..\Run: [Pnm] C:\WINDOWS\SYSTEM\Mfu.exe
    O4 - HKLM\..\Run: [Vrn] C:\WINDOWS\SYSTEM\Eui.exe
    O4 - HKLM\..\Run: [Itq] C:\WINDOWS\Hph.exe
    O4 - HKLM\..\Run: [Emi] C:\WINDOWS\SYSTEM\Gjs.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
    O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O4 - HKCU\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\NDetect.exe
    O4 - HKCU\..\Run: [Jro] C:\WINDOWS\SYSTEM\Nns.exe
    O4 - HKCU\..\Run: [Ajk] C:\WINDOWS\SYSTEM\Sla.exe
    O4 - HKCU\..\Run: [Qkk] C:\WINDOWS\SYSTEM\Vfe.exe
    O4 - HKCU\..\Run: [Vlc] C:\WINDOWS\SYSTEM\Jle.exe
    O4 - HKCU\..\Run: [Nfp] C:\WINDOWS\Paf.exe
    O4 - HKCU\..\Run: [Umk] C:\WINDOWS\SYSTEM\Tjv.exe
    O4 - HKCU\..\Run: [Ltk] C:\WINDOWS\SYSTEM\Msk.exe
    O4 - HKCU\..\Run: [Qtu] C:\WINDOWS\Qhg.exe
    O4 - HKCU\..\Run: [Ldj] C:\WINDOWS\SYSTEM\Bkq.exe
    O4 - HKCU\..\Run: [Dnp] C:\WINDOWS\Itj.exe
    O4 - HKCU\..\Run: [Qod] C:\WINDOWS\SYSTEM\Gcp.exe
    O4 - HKCU\..\Run: [Lhq] C:\WINDOWS\SYSTEM\Tft.exe
    O4 - HKCU\..\Run: [Aqs] C:\WINDOWS\SYSTEM\Vsn.exe
    O4 - HKCU\..\Run: [Kes] C:\WINDOWS\Aim.exe
    O4 - HKCU\..\Run: [Lul] C:\WINDOWS\Oml.exe
    O4 - HKCU\..\Run: [Idf] C:\WINDOWS\SYSTEM\Drn.exe
    O4 - HKCU\..\Run: [Qiv] C:\WINDOWS\Bve.exe
    O4 - HKCU\..\Run: [Cqv] C:\WINDOWS\Lft.exe
    O4 - HKCU\..\Run: [Iif] C:\WINDOWS\Evp.exe
    O4 - HKCU\..\Run: [Flg] C:\WINDOWS\SYSTEM\Nao.exe
    O4 - HKCU\..\Run: [Fmk] C:\WINDOWS\Oma.exe
    O4 - HKCU\..\Run: [Lku] C:\WINDOWS\Sno.exe
    O4 - HKCU\..\Run: [Dut] C:\WINDOWS\SYSTEM\Oud.exe
    O4 - HKCU\..\Run: [Pkf] C:\WINDOWS\Saj.exe
    O4 - HKCU\..\Run: [Ikf] C:\WINDOWS\SYSTEM\Ejp.exe
    O4 - HKCU\..\Run: [Cvp] C:\WINDOWS\Svd.exe
    O4 - HKCU\..\Run: [Aht] C:\WINDOWS\SYSTEM\Qno.exe
    O4 - HKCU\..\Run: [Licggl] C:\WINDOWS\SYSTEM\iryqfxqd.exe
    O4 - HKCU\..\Run: [Sgj] C:\WINDOWS\SYSTEM\Dun.exe
    O4 - HKCU\..\Run: [Ukg] C:\WINDOWS\SYSTEM\Ufd.exe
    O4 - HKCU\..\Run: [Opt] C:\WINDOWS\SYSTEM\Krc.exe
    O4 - HKCU\..\Run: [Gvb] C:\WINDOWS\SYSTEM\Qrh.exe
    O4 - HKCU\..\Run: [Avf] C:\WINDOWS\SYSTEM\Hnn.exe
    O4 - HKCU\..\Run: [Mim] C:\WINDOWS\SYSTEM\Hjf.exe
    O4 - HKCU\..\Run: [Qqb] C:\WINDOWS\Qvn.exe
    O4 - HKCU\..\Run: [Lmi] C:\WINDOWS\SYSTEM\Nqv.exe
    O4 - HKCU\..\Run: [Obc] C:\WINDOWS\SYSTEM\Utd.exe
    O4 - HKCU\..\Run: [Pcs] C:\WINDOWS\Keh.exe
    O4 - HKCU\..\Run: [Osv] C:\WINDOWS\Tqj.exe
    O4 - HKCU\..\Run: [Ajd] C:\WINDOWS\Tbs.exe
    O4 - HKCU\..\Run: [Ldt] C:\WINDOWS\SYSTEM\Nrd.exe
    O4 - HKCU\..\Run: [Sdm] C:\WINDOWS\SYSTEM\Tsn.exe
    O4 - HKCU\..\Run: [Jph] C:\WINDOWS\SYSTEM\Msi.exe
    O4 - HKCU\..\Run: [Ttl] C:\WINDOWS\Ljj.exe
    O4 - HKCU\..\Run: [Nvf] C:\WINDOWS\Ujs.exe
    O4 - HKCU\..\Run: [Vgh] C:\WINDOWS\Jph.exe
    O4 - HKCU\..\Run: [Ttk] C:\WINDOWS\SYSTEM\Gkm.exe
    O4 - HKCU\..\Run: [Dor] C:\WINDOWS\Qhi.exe
    O4 - HKCU\..\Run: [Rdq] C:\WINDOWS\SYSTEM\Qdh.exe
    O4 - HKCU\..\Run: [Pns] C:\WINDOWS\Ppu.exe
    O4 - HKCU\..\Run: [Jki] C:\WINDOWS\Vjl.exe
    O4 - HKCU\..\Run: [Jsc] C:\WINDOWS\SYSTEM\Dmg.exe
    O4 - HKCU\..\Run: [Qjl] C:\WINDOWS\Gvv.exe
    O4 - HKCU\..\Run: [Klr] C:\WINDOWS\Cdl.exe
    O4 - HKCU\..\Run: [Vei] C:\WINDOWS\SYSTEM\Nal.exe
    O4 - HKCU\..\Run: [Muk] C:\WINDOWS\SYSTEM\Nfg.exe
    O4 - HKCU\..\Run: [Krj] C:\WINDOWS\Rgt.exe
    O4 - HKCU\..\Run: [Bnm] C:\WINDOWS\SYSTEM\Kfq.exe
    O4 - HKCU\..\Run: [Qch] C:\WINDOWS\SYSTEM\Poa.exe
    O4 - HKCU\..\Run: [Eib] C:\WINDOWS\Cqn.exe
    O4 - HKCU\..\Run: [Kig] C:\WINDOWS\SYSTEM\Nrp.exe
    O4 - HKCU\..\Run: [Jif] C:\WINDOWS\SYSTEM\Gcp.exe
    O4 - HKCU\..\Run: [Ilr] C:\WINDOWS\Qbe.exe
    O4 - HKCU\..\Run: [Tpd] C:\WINDOWS\SYSTEM\Dsn.exe
    O4 - HKCU\..\Run: [Plu] C:\WINDOWS\Evp.exe
    O4 - HKCU\..\Run: [Nqh] C:\WINDOWS\SYSTEM\Rvm.exe
    O4 - HKCU\..\Run: [Abs] C:\WINDOWS\SYSTEM\Kap.exe
    O4 - HKCU\..\Run: [Uvc] C:\WINDOWS\Fck.exe
    O4 - HKCU\..\Run: [Dcj] C:\WINDOWS\SYSTEM\Oem.exe
    O4 - HKCU\..\Run: [Ehs] C:\WINDOWS\Efv.exe
    O4 - HKCU\..\Run: [Uno] C:\WINDOWS\Oal.exe
    O4 - HKCU\..\Run: [Uri] C:\WINDOWS\SYSTEM\Qkm.exe
    O4 - HKCU\..\Run: [Kvt] C:\WINDOWS\Bdk.exe
    O4 - HKCU\..\Run: [Rss] C:\WINDOWS\SYSTEM\Jvl.exe
    O4 - HKCU\..\Run: [Atc] C:\WINDOWS\SYSTEM\Omo.exe
    O4 - HKCU\..\Run: [Pou] C:\WINDOWS\SYSTEM\Que.exe
    O4 - HKCU\..\Run: [Snd] C:\WINDOWS\SYSTEM\Llu.exe
    O4 - HKCU\..\Run: [Lna] C:\WINDOWS\SYSTEM\Bri.exe
    O4 - HKCU\..\Run: [Kdl] C:\WINDOWS\Ice.exe
    O4 - HKCU\..\Run: [Vdc] C:\WINDOWS\Bgn.exe
    O4 - HKCU\..\Run: [Ctu] C:\WINDOWS\SYSTEM\Vnv.exe
    O4 - HKCU\..\Run: [Ivp] C:\WINDOWS\SYSTEM\Gja.exe
    O4 - HKCU\..\Run: [Vso] C:\WINDOWS\Rsd.exe
    O4 - HKCU\..\Run: [Tme] C:\WINDOWS\SYSTEM\Otl.exe
    O4 - HKCU\..\Run: [Vtf] C:\WINDOWS\SYSTEM\Eue.exe
    O4 - HKCU\..\Run: [Jlg] C:\WINDOWS\SYSTEM\Oos.exe
    O4 - HKCU\..\Run: [Gnm] C:\WINDOWS\Edu.exe
    O4 - HKCU\..\Run: [Tnu] C:\WINDOWS\SYSTEM\Qnk.exe
    O4 - HKCU\..\Run: [Pmv] C:\WINDOWS\SYSTEM\Jem.exe
    O4 - HKCU\..\Run: [Mom] C:\WINDOWS\Mdl.exe
    O4 - HKCU\..\Run: [Dus] C:\WINDOWS\SYSTEM\Jjb.exe
    O4 - HKCU\..\Run: [Kkc] C:\WINDOWS\Ien.exe
    O4 - HKCU\..\Run: [Ojh] C:\WINDOWS\SYSTEM\Hcp.exe
    O4 - HKCU\..\Run: [Ggk] C:\WINDOWS\Jgt.exe
    O4 - HKCU\..\Run: [Vkd] C:\WINDOWS\Qdt.exe
    O4 - HKCU\..\Run: [Kor] C:\WINDOWS\SYSTEM\Bch.exe
    O4 - HKCU\..\Run: [Ikm] C:\WINDOWS\SYSTEM\Tmu.exe
    O4 - HKCU\..\Run: [Cre] C:\WINDOWS\SYSTEM\Ask.exe
    O4 - HKCU\..\Run: [Cmq] C:\WINDOWS\Ugt.exe
    O4 - HKCU\..\Run: [Hhu] C:\WINDOWS\SYSTEM\Faj.exe
    O4 - HKCU\..\Run: [Vjb] C:\WINDOWS\SYSTEM\Lqt.exe
    O4 - HKCU\..\Run: [Rpm] C:\WINDOWS\Tsj.exe
    O4 - HKCU\..\Run: [Lus] C:\WINDOWS\SYSTEM\Otu.exe
    O4 - HKCU\..\Run: [Tkn] C:\WINDOWS\Gro.exe
    O4 - HKCU\..\Run: [Ivc] C:\WINDOWS\Uff.exe
    O4 - HKCU\..\Run: [Kbr] C:\WINDOWS\Vnb.exe
    O4 - HKCU\..\Run: [Pfa] C:\WINDOWS\SYSTEM\Nrd.exe
    O4 - HKCU\..\Run: [Gdq] C:\WINDOWS\Fuf.exe
    O4 - HKCU\..\Run: [Csl] C:\WINDOWS\Ilk.exe
    O4 - HKCU\..\Run: [Ijm] C:\WINDOWS\SYSTEM\Phr.exe
    O4 - HKCU\..\Run: [Jag] C:\WINDOWS\SYSTEM\Jsu.exe
    O4 - HKCU\..\Run: [Dmo] C:\WINDOWS\SYSTEM\Knh.exe
    O4 - HKCU\..\Run: [Jrm] C:\WINDOWS\SYSTEM\Lud.exe
    O4 - HKCU\..\Run: [Bjv] C:\WINDOWS\Dcc.exe
    O4 - HKCU\..\Run: [Gjg] C:\WINDOWS\SYSTEM\Iil.exe
    O4 - HKCU\..\Run: [Nbe] C:\WINDOWS\SYSTEM\Qac.exe
    O4 - HKCU\..\Run: [Ksb] C:\WINDOWS\Uhh.exe
    O4 - HKCU\..\Run: [Bka] C:\WINDOWS\SYSTEM\Kfk.exe
    O4 - HKCU\..\Run: [Mtt] C:\WINDOWS\SYSTEM\Qiq.exe
    O4 - HKCU\..\Run: [Fev] C:\WINDOWS\Qlq.exe
    O4 - HKCU\..\Run: [Ifh] C:\WINDOWS\SYSTEM\Ibj.exe
    O4 - HKCU\..\Run: [Qqe] C:\WINDOWS\Jhj.exe
    O4 - HKCU\..\Run: [Scq] C:\WINDOWS\Ned.exe
    O4 - HKCU\..\Run: [Jgi] C:\WINDOWS\SYSTEM\Mej.exe
    O4 - HKCU\..\Run: [Uqs] C:\WINDOWS\SYSTEM\Lpi.exe
    O4 - HKCU\..\Run: [Tra] C:\WINDOWS\SYSTEM\Kkc.exe
    O4 - HKCU\..\Run: [Keo] C:\WINDOWS\Hdo.exe
    O4 - HKCU\..\Run: [Eqh] C:\WINDOWS\Ora.exe
    O4 - HKCU\..\Run: [Ung] C:\WINDOWS\SYSTEM\Tsd.exe
    O4 - HKCU\..\Run: [Bkb] C:\WINDOWS\SYSTEM\Pqv.exe
    O4 - HKCU\..\Run: [Vmd] C:\WINDOWS\SYSTEM\Bhc.exe
    O4 - HKCU\..\Run: [Dap] C:\WINDOWS\Kak.exe
    O4 - HKCU\..\Run: [Qdk] C:\WINDOWS\SYSTEM\Mkl.exe
    O4 - HKCU\..\Run: [Sgm] C:\WINDOWS\Fcu.exe
    O4 - HKCU\..\Run: [Eav] C:\WINDOWS\Hhe.exe
    O4 - HKCU\..\Run: [Tlq] C:\WINDOWS\Umu.exe
    O4 - HKCU\..\Run: [Qfs] C:\WINDOWS\Roa.exe
    O4 - HKCU\..\Run: [Jou] C:\WINDOWS\SYSTEM\Pna.exe
    O4 - HKCU\..\Run: [Iod] C:\WINDOWS\Ujo.exe
    O4 - HKCU\..\Run: [Vur] C:\WINDOWS\SYSTEM\Kpo.exe
    O4 - HKCU\..\Run: [Gfc] C:\WINDOWS\SYSTEM\Trq.exe
    O4 - HKCU\..\Run: [Lod] C:\WINDOWS\Gjc.exe
    O4 - HKCU\..\Run: [Dvb] C:\WINDOWS\SYSTEM\Hfu.exe
    O4 - HKCU\..\Run: [Vhu] C:\WINDOWS\SYSTEM\Btu.exe
    O4 - HKCU\..\Run: [Hed] C:\WINDOWS\SYSTEM\Sth.exe
    O4 - HKCU\..\Run: [Vlr] C:\WINDOWS\SYSTEM\Pti.exe
    O4 - HKCU\..\Run: [Pnm] C:\WINDOWS\SYSTEM\Mfu.exe
    O4 - HKCU\..\Run: [Vrn] C:\WINDOWS\SYSTEM\Eui.exe
    O4 - HKCU\..\Run: [Itq] C:\WINDOWS\Hph.exe
    O4 - HKCU\..\Run: [Emi] C:\WINDOWS\SYSTEM\Gjs.exe
    O4 - HKCU\..\Run: [Deoa] "C:\WINDOWS\sshs\netdde.exe" -vt ndrv
    O4 - Startup: America Online 5.0 Tray Icon.lnk = C:\America Online 5.0\aoltray.exe
    O4 - Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 95\DMHKEY.EXE
    O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: Microsoft Office Shortcut Bar.lnk = C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
    O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
    O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
    O15 - Trusted Zone: *.iframedollars.biz
    O15 - Trusted Zone: *.iframedollars.biz (HKLM)
    O15 - Trusted IP range: 67.19.185.246
    O15 - Trusted IP range: 67.19.185.246 (HKLM)
     
    BillB,
    #1
  2. 2006/03/10
    BillB Lifetime Subscription

    BillB Well-Known Member Thread Starter

    Joined:
    2003/03/18
    Messages:
    750
    Likes Received:
    0
    I decided this was too messed up to try to clean it up. I talked with my sister-in-law and she said there wasn't anything on it that she needed so I'm formatting and reinstalling windows. I'll be installing anti-spyware/virus software as well before it's returned to her.
     
    BillB,
    #2


  3. to hide this advert.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...