Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:57 AM, on 9/15/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\Atiptaxx.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\All Users\Application Data\be05e\WI748.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\default\Desktop\winlogon.scr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=3c00&s=consumer&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.peoplepc.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=0409
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R3 - URLSearchHook: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - (no file)
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 64.86.17.32 google.ae
O1 - Hosts: 64.86.17.32 google.as
O1 - Hosts: 64.86.17.32 google.at
O1 - Hosts: 64.86.17.32 google.az
O1 - Hosts: 64.86.17.32 google.ba
O1 - Hosts: 64.86.17.32 google.be
O1 - Hosts: 64.86.17.32 google.bg
O1 - Hosts: 64.86.17.32 google.bs
O1 - Hosts: 64.86.17.32 google.ca
O1 - Hosts: 64.86.17.32 google.cd
O1 - Hosts: 64.86.17.32 google.com.gh
O1 - Hosts: 64.86.17.32 google.com.hk
O1 - Hosts: 64.86.17.32 google.com.jm
O1 - Hosts: 64.86.17.32 google.com.mx
O1 - Hosts: 64.86.17.32 google.com.my
O1 - Hosts: 64.86.17.32 google.com.na
O1 - Hosts: 64.86.17.32 google.com.nf
O1 - Hosts: 64.86.17.32 google.com.ng
O1 - Hosts: 64.86.17.32 google.ch
O1 - Hosts: 64.86.17.32 google.com.np
O1 - Hosts: 64.86.17.32 google.com.pr
O1 - Hosts: 64.86.17.32 google.com.qa
O1 - Hosts: 64.86.17.32 google.com.sg
O1 - Hosts: 64.86.17.32 google.com.tj
O1 - Hosts: 64.86.17.32 google.com.tw
O1 - Hosts: 64.86.17.32 google.dj
O1 - Hosts: 64.86.17.32 google.de
O1 - Hosts: 64.86.17.32 google.dk
O1 - Hosts: 64.86.17.32 google.dm
O1 - Hosts: 64.86.17.32 google.ee
O1 - Hosts: 64.86.17.32 google.fi
O1 - Hosts: 64.86.17.32 google.fm
O1 - Hosts: 64.86.17.32 google.fr
O1 - Hosts: 64.86.17.32 google.ge
O1 - Hosts: 64.86.17.32 google.gg
O1 - Hosts: 64.86.17.32 google.gm
O1 - Hosts: 64.86.17.32 google.gr
O1 - Hosts: 64.86.17.32 google.ht
O1 - Hosts: 64.86.17.32 google.ie
O1 - Hosts: 64.86.17.32 google.im
O1 - Hosts: 64.86.17.32 google.in
O1 - Hosts: 64.86.17.32 google.it
O1 - Hosts: 64.86.17.32 google.ki
O1 - Hosts: 64.86.17.32 google.la
O1 - Hosts: 64.86.17.32 google.li
O1 - Hosts: 64.86.17.32 google.lv
O1 - Hosts: 64.86.17.32 google.ma
O1 - Hosts: 64.86.17.32 google.ms
O1 - Hosts: 64.86.17.32 google.mu
O1 - Hosts: 64.86.17.32 google.mw
O1 - Hosts: 64.86.17.32 google.nl
O1 - Hosts: 64.86.17.32 google.no
O1 - Hosts: 64.86.17.32 google.nr
O1 - Hosts: 64.86.17.32 google.nu
O1 - Hosts: 64.86.17.32 google.pl
O1 - Hosts: 64.86.17.32 google.pn
O1 - Hosts: 64.86.17.32 google.pt
O1 - Hosts: 64.86.17.32 google.ro
O1 - Hosts: 64.86.17.32 google.ru
O1 - Hosts: 64.86.17.32 google.rw
O1 - Hosts: 64.86.17.32 google.sc
O1 - Hosts: 64.86.17.32 google.se
O1 - Hosts: 64.86.17.32 google.sh
O1 - Hosts: 64.86.17.32 google.si
O1 - Hosts: 64.86.17.32 google.sm
O1 - Hosts: 64.86.17.32 google.sn
O1 - Hosts: 64.86.17.32 google.st
O1 - Hosts: 64.86.17.32 google.tl
O1 - Hosts: 64.86.17.32 google.tm
O1 - Hosts: 64.86.17.32 google.tt
O1 - Hosts: 64.86.17.32 google.us
O1 - Hosts: 64.86.17.32 google.vu
O1 - Hosts: 64.86.17.32 google.ws
O1 - Hosts: 64.86.17.32 google.co.ck
O1 - Hosts: 64.86.17.32 google.co.id
O1 - Hosts: 64.86.17.32 google.co.il
O1 - Hosts: 64.86.17.32 google.co.in
O1 - Hosts: 64.86.17.32 google.co.jp
O1 - Hosts: 64.86.17.32 google.co.kr
O1 - Hosts: 64.86.17.32 google.co.ls
O1 - Hosts: 64.86.17.32 google.co.ma
O1 - Hosts: 64.86.17.32 google.co.nz
O1 - Hosts: 64.86.17.32 google.co.tz
O1 - Hosts: 64.86.17.32 google.co.ug
O1 - Hosts: 64.86.17.32 google.co.uk
O1 - Hosts: 64.86.17.32 google.co.za
O1 - Hosts: 64.86.17.32 google.co.zm
O1 - Hosts: 64.86.17.32 google.com
O1 - Hosts: 64.86.17.32 google.com.af
O1 - Hosts: 64.86.17.32 google.com.ag
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Accelerator Plugin - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\PROGRA~1\PEOPLE~1\PRPL_I~1.DLL (file missing)
O2 - BHO: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL (file missing)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Windows Protection Suite] "C:\WINDOWS\All Users\Application Data\be05e\WI748.exe" /s /d
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV Live - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&LC=0409 (file missing)
O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV &Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&LC=0409 (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE (file missing)
O9 - Extra button: (no name) - {2863ACA1-9AA0-4432-8CFE-88C12B3B2E5E} - file://C:\PROGRAM FILES\UPROMISE_REMINDU\Sy1050\Tp1050\scri1050a.htm (file missing) (HKCU)
O9 - Extra button: (no name) - {B48798CE-A2E0-4918-BC00-0F72FBA708E2} - file://C:\PROGRAM FILES\UPROMISE_REMIND_U\UpromisesRemindU\UpromisetRemindU\uproC0.htm (file missing) (HKCU)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .swf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npswf32.dll
O12 - Plugin for .wmv: C:\Program Files\Windows Media Player\NPDSPLAY.DLL
O12 - Plugin for .wvx: C:\Program Files\Windows Media Player\NPDSPLAY.DLL
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,75/mcinsctl.cab
O16 - DPF: {5F03EAB4-1AD5-11D4-AE99-0050DAC24E8F} - http://www.iwon.com/ct/in_wn/iwonslot1,0,1,5.cab
O16 - DPF: {70522FA0-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/ct/pm3/iwonpm_12_1,0,2,5.cab
O16 - DPF: {BAB7B1B6-1FA2-41A2-A0A2-2CF82ACC3CA8} - http://www.topmoxie.com/external/builds/upromise/upro1050_310.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,17/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC3AD504-9991-4E0E-9D3F-34056F8BB167}: NameServer = 66.174.95.44 66.174.92.14
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O24 - Desktop Component 0: (no name) - http://ak.imgfarm.com/images/today/pet/021104pet_lg.jpg
O24 - Desktop Component 1: (no name) - http://i1img.com/images/today/user/073002user_lg.jpg
--
End of file - 12526 bytes
Scan saved at 12:46:57 AM, on 9/15/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\Atiptaxx.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\All Users\Application Data\be05e\WI748.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\default\Desktop\winlogon.scr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=3c00&s=consumer&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.peoplepc.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=0409
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R3 - URLSearchHook: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - (no file)
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 64.86.17.32 google.ae
O1 - Hosts: 64.86.17.32 google.as
O1 - Hosts: 64.86.17.32 google.at
O1 - Hosts: 64.86.17.32 google.az
O1 - Hosts: 64.86.17.32 google.ba
O1 - Hosts: 64.86.17.32 google.be
O1 - Hosts: 64.86.17.32 google.bg
O1 - Hosts: 64.86.17.32 google.bs
O1 - Hosts: 64.86.17.32 google.ca
O1 - Hosts: 64.86.17.32 google.cd
O1 - Hosts: 64.86.17.32 google.com.gh
O1 - Hosts: 64.86.17.32 google.com.hk
O1 - Hosts: 64.86.17.32 google.com.jm
O1 - Hosts: 64.86.17.32 google.com.mx
O1 - Hosts: 64.86.17.32 google.com.my
O1 - Hosts: 64.86.17.32 google.com.na
O1 - Hosts: 64.86.17.32 google.com.nf
O1 - Hosts: 64.86.17.32 google.com.ng
O1 - Hosts: 64.86.17.32 google.ch
O1 - Hosts: 64.86.17.32 google.com.np
O1 - Hosts: 64.86.17.32 google.com.pr
O1 - Hosts: 64.86.17.32 google.com.qa
O1 - Hosts: 64.86.17.32 google.com.sg
O1 - Hosts: 64.86.17.32 google.com.tj
O1 - Hosts: 64.86.17.32 google.com.tw
O1 - Hosts: 64.86.17.32 google.dj
O1 - Hosts: 64.86.17.32 google.de
O1 - Hosts: 64.86.17.32 google.dk
O1 - Hosts: 64.86.17.32 google.dm
O1 - Hosts: 64.86.17.32 google.ee
O1 - Hosts: 64.86.17.32 google.fi
O1 - Hosts: 64.86.17.32 google.fm
O1 - Hosts: 64.86.17.32 google.fr
O1 - Hosts: 64.86.17.32 google.ge
O1 - Hosts: 64.86.17.32 google.gg
O1 - Hosts: 64.86.17.32 google.gm
O1 - Hosts: 64.86.17.32 google.gr
O1 - Hosts: 64.86.17.32 google.ht
O1 - Hosts: 64.86.17.32 google.ie
O1 - Hosts: 64.86.17.32 google.im
O1 - Hosts: 64.86.17.32 google.in
O1 - Hosts: 64.86.17.32 google.it
O1 - Hosts: 64.86.17.32 google.ki
O1 - Hosts: 64.86.17.32 google.la
O1 - Hosts: 64.86.17.32 google.li
O1 - Hosts: 64.86.17.32 google.lv
O1 - Hosts: 64.86.17.32 google.ma
O1 - Hosts: 64.86.17.32 google.ms
O1 - Hosts: 64.86.17.32 google.mu
O1 - Hosts: 64.86.17.32 google.mw
O1 - Hosts: 64.86.17.32 google.nl
O1 - Hosts: 64.86.17.32 google.no
O1 - Hosts: 64.86.17.32 google.nr
O1 - Hosts: 64.86.17.32 google.nu
O1 - Hosts: 64.86.17.32 google.pl
O1 - Hosts: 64.86.17.32 google.pn
O1 - Hosts: 64.86.17.32 google.pt
O1 - Hosts: 64.86.17.32 google.ro
O1 - Hosts: 64.86.17.32 google.ru
O1 - Hosts: 64.86.17.32 google.rw
O1 - Hosts: 64.86.17.32 google.sc
O1 - Hosts: 64.86.17.32 google.se
O1 - Hosts: 64.86.17.32 google.sh
O1 - Hosts: 64.86.17.32 google.si
O1 - Hosts: 64.86.17.32 google.sm
O1 - Hosts: 64.86.17.32 google.sn
O1 - Hosts: 64.86.17.32 google.st
O1 - Hosts: 64.86.17.32 google.tl
O1 - Hosts: 64.86.17.32 google.tm
O1 - Hosts: 64.86.17.32 google.tt
O1 - Hosts: 64.86.17.32 google.us
O1 - Hosts: 64.86.17.32 google.vu
O1 - Hosts: 64.86.17.32 google.ws
O1 - Hosts: 64.86.17.32 google.co.ck
O1 - Hosts: 64.86.17.32 google.co.id
O1 - Hosts: 64.86.17.32 google.co.il
O1 - Hosts: 64.86.17.32 google.co.in
O1 - Hosts: 64.86.17.32 google.co.jp
O1 - Hosts: 64.86.17.32 google.co.kr
O1 - Hosts: 64.86.17.32 google.co.ls
O1 - Hosts: 64.86.17.32 google.co.ma
O1 - Hosts: 64.86.17.32 google.co.nz
O1 - Hosts: 64.86.17.32 google.co.tz
O1 - Hosts: 64.86.17.32 google.co.ug
O1 - Hosts: 64.86.17.32 google.co.uk
O1 - Hosts: 64.86.17.32 google.co.za
O1 - Hosts: 64.86.17.32 google.co.zm
O1 - Hosts: 64.86.17.32 google.com
O1 - Hosts: 64.86.17.32 google.com.af
O1 - Hosts: 64.86.17.32 google.com.ag
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Accelerator Plugin - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\PROGRA~1\PEOPLE~1\PRPL_I~1.DLL (file missing)
O2 - BHO: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL (file missing)
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Windows Protection Suite] "C:\WINDOWS\All Users\Application Data\be05e\WI748.exe" /s /d
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV Live - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&LC=0409 (file missing)
O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV &Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&LC=0409 (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE (file missing)
O9 - Extra button: (no name) - {2863ACA1-9AA0-4432-8CFE-88C12B3B2E5E} - file://C:\PROGRAM FILES\UPROMISE_REMINDU\Sy1050\Tp1050\scri1050a.htm (file missing) (HKCU)
O9 - Extra button: (no name) - {B48798CE-A2E0-4918-BC00-0F72FBA708E2} - file://C:\PROGRAM FILES\UPROMISE_REMIND_U\UpromisesRemindU\UpromisetRemindU\uproC0.htm (file missing) (HKCU)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .swf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npswf32.dll
O12 - Plugin for .wmv: C:\Program Files\Windows Media Player\NPDSPLAY.DLL
O12 - Plugin for .wvx: C:\Program Files\Windows Media Player\NPDSPLAY.DLL
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,75/mcinsctl.cab
O16 - DPF: {5F03EAB4-1AD5-11D4-AE99-0050DAC24E8F} - http://www.iwon.com/ct/in_wn/iwonslot1,0,1,5.cab
O16 - DPF: {70522FA0-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/ct/pm3/iwonpm_12_1,0,2,5.cab
O16 - DPF: {BAB7B1B6-1FA2-41A2-A0A2-2CF82ACC3CA8} - http://www.topmoxie.com/external/builds/upromise/upro1050_310.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,17/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC3AD504-9991-4E0E-9D3F-34056F8BB167}: NameServer = 66.174.95.44 66.174.92.14
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O24 - Desktop Component 0: (no name) - http://ak.imgfarm.com/images/today/pet/021104pet_lg.jpg
O24 - Desktop Component 1: (no name) - http://i1img.com/images/today/user/073002user_lg.jpg
--
End of file - 12526 bytes