[Resolvido!] Como retirar estas duas ameaças do meu PC

ruidurao · Maio 28, 2007

Bom dia:Ha pouco tempo atras, ao fazer o download de um free trial do jogo "Monopoly here and Now", o meu Mcafee 2006 detectou e apagou de um tal de DOWNLOADER-BAL!ini. O problema é que de 30 em 30 segundos aparecia a tal mensagem, ou seja, voltava a detectar e apagar! Vale a pena mencionar que o downloader!bal era apanhado num ficheiro do SYSTEM32 que é o wincom.ini.Comecei a ter problemas no pc, tais como o aparecimento de outro virus, o VUNDO.DLL que se situa no system32.O Mcafee não consegue fazer e nada e para piorar tenho agora um trojan que é o JUANSEARCH que, pelo que apurei na net, é bastante perigoso. As consequências visíveis que tenho tido são RESTARTS e mais RESTARTS a todoa a hora. Para escrever esta mensagem, o PC fez o restar 3 vezes, só para terem uma ideia.Será que me podem ajudar???Agradecia!Obrigado!!!

Sam Spade · Maio 28, 2007

Olá ruidurao! Baixe > HijackThis

Abra uma pasta em C:\ e salve nela.

Quando abrir a ferramenta, clique em "Do a system scan and save a logfile". Selecione, copie todo o seu conteúdo e cole na sua próxima resposta.

ruidurao · Maio 28, 2007

Aqui vai!

Logfile of HijackThis v1.99.1

Scan saved at 8:50:19 PM, on 28-May-07

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

c:\progra~1\mcafee\mcafee antispyware\massrv.exe

c:\program files\mcafee.com\agent\mcdetect.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

c:\PROGRA~1\mcafee.com\vso\OasClnt.exe

c:\program files\mcafee.com\vso\mcvsshld.exe

c:\program files\mcafee.com\agent\mcagent.exe

c:\progra~1\mcafee.com\vso\mcvsescn.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\AGRSMMSG.exe

C:\windows\system32\rlvknlg.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\PROGRA~1\mcafee.com\mps\mscifapp.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe

C:\progra~1\mcafee\MCAFEE~1\masalert.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [RelevantKnowledge] c:\windows\system32\rlvknlg.exe -boot

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall

O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding

O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe

O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe

O4 - HKLM\..\Run: [setup] rundll32.exe "C:\WINDOWS\system32\fgbeipyk.dll",realset

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html...MZ_ZNxmk14565US

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll

O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

O15 - Trusted Zone: www.archiviosex.net

O15 - Trusted Zone: www.redfunny.com

O15 - Trusted Zone: www.skymasters.biz

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...tup1.0.0.15.cab

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab

O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.gamehouse.com/games/mjolauncher.cab

O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.games.yahoo.com/games/web_...inematycoon.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...749/mcfscan.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: MsgPlusLoader.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Client IP-IPX - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000073 (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

O23 - Service: mysql - Unknown owner - C:\Program Files\xampp\mysql\bin\mysqld-nt.exe" "--defaults-file=C:\Program Files\xampp\mysql\bin\my.cnf" mysql (file missing)

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Demorei a responder pois o downloader do Firefox, ja nem sequer funciona... (consequencia nao sei de que...)

Sam Spade · Maio 30, 2007

Ok, baixe > show-vundo.vbs

Rode-o, depois copie e cole o conteúdo do resultado que encontrará em C:\vundo-bho.txt

ruidurao · Junho 1, 2007

Sam Spade...Eu espero n\ao ter feito nenhuma borrada.... é que com o desespero, ja fui rodando o VUNDO FIX. Fiz isso pois reparei que em muitos outros tópicos era o concelho dado aos pedintes de ajuda. Portanto, este pequeno log do SHOW-VUNDO foi feito tendo ja corrido o VUNDO FIX cujos resultados estao já de seguida:VundoFix V6.4.1Checking Java version...Java version is 1.5.0.6Old versions of java are exploitable and should be removed.Scan started at 8:31:02 PM 30-May-07Listing files found while scanning....C:\WINDOWS\system32\fgbeipyk.dllC:\WINDOWS\system32\hggdbyw.dllC:\WINDOWS\system32\kypiebgf.iniC:\WINDOWS\system32\ljjjjih.dllC:\WINDOWS\system32\qmrkgxqk.dllC:\WINDOWS\system32\ryxhqukd.dllC:\WINDOWS\system32\stutv.bak1C:\WINDOWS\system32\stutv.bak2C:\WINDOWS\system32\stutv.iniC:\WINDOWS\system32\stutv.ini2C:\WINDOWS\system32\stutv.tmpC:\WINDOWS\system32\vtuts.dllBeginning removal... Attempting to delete C:\WINDOWS\system32\fgbeipyk.dllC:\WINDOWS\system32\fgbeipyk.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\hggdbyw.dllC:\WINDOWS\system32\hggdbyw.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\kypiebgf.iniC:\WINDOWS\system32\kypiebgf.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\ljjjjih.dllC:\WINDOWS\system32\ljjjjih.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\qmrkgxqk.dllC:\WINDOWS\system32\qmrkgxqk.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ryxhqukd.dllC:\WINDOWS\system32\ryxhqukd.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.bak1C:\WINDOWS\system32\stutv.bak1 Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.bak2C:\WINDOWS\system32\stutv.bak2 Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.iniC:\WINDOWS\system32\stutv.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.ini2C:\WINDOWS\system32\stutv.ini2 Has been deleted! Attempting to delete C:\WINDOWS\system32\stutv.tmpC:\WINDOWS\system32\stutv.tmp Has been deleted! Attempting to delete C:\WINDOWS\system32\vtuts.dllC:\WINDOWS\system32\vtuts.dll Has been deleted!Performing Repairs to the registry.Done!Beginning removal... Attempting to delete C:\WINDOWS\system32\hggdbyw.dllC:\WINDOWS\system32\hggdbyw.dll Has been deleted!Performing Repairs to the registry.Done!E agora os resultados do SHOW VUNDO:=================================================Relatório | BHOs, Winlogon Notify e AppInit_DLLs=================================================AppInit_DLLs-------------------------------------------------MsgPlusLoader.dll-------------------------------------------------Browser Helper Objects-------------------------------------------------[HKLM\SOFTWARE\Classes\CLSID\{001983AC-F64C-4DE5-9892-8D6DE4A50B6F}\][indefinido] | [indefinido]C:\WINDOWS\system32\vtuts.dll[HKLM\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\]Adobe PDF Reader Link Helper | [indefinido]C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll[HKLM\SOFTWARE\Classes\CLSID\{227B8AA8-DAF2-4892-BD1D-73F568BCB24E}\]McBrwHelper Class | [indefinido]c:\program files\mcafee.com\mps\mcbrhlpr.dll[HKLM\SOFTWARE\Classes\CLSID\{259F616C-A300-44F5-B04A-ED001A26C85C}\]Solid Converter PDF | [indefinido]C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll[HKLM\SOFTWARE\Classes\CLSID\{3EC8255F-E043-4cae-8B3B-B191550C2A22}\]McAfee Privacy Service Popup Blocker | McAfee PopupKillerc:\program files\mcafee.com\mps\popupkiller.dll[HKLM\SOFTWARE\Classes\CLSID\{41D68ED8-4CFF-4115-88A6-6EBB8AF19000}\]McAfee AntiPhishing Filter | [indefinido]c:\program files\mcafee\spamkiller\mcapfbho.dll[HKLM\SOFTWARE\Classes\CLSID\{4B646AFB-9341-4330-8FD1-C32485AEE619}\][indefinido] | [indefinido]C:\WINDOWS\system32\mxbemviq.dll[HKLM\SOFTWARE\Classes\CLSID\{56F1D444-11BF-4879-A12B-79CF0177F038}\][indefinido] | [indefinido][indefinido][HKLM\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\]SSVHelper Class | [indefinido]C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll[HKLM\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\][indefinido] | [indefinido][indefinido][HKLM\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\]Windows Live Sign-in Helper | [indefinido]C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll[HKLM\SOFTWARE\Classes\CLSID\{ED4519F6-5764-F469-38D1-E48E02B8CCF1}\][indefinido] | [indefinido][indefinido]-------------------------------------------------Winlogon Notify-------------------------------------------------[Padrão] crypt32chain : crypt32.dll[Padrão] cryptnet : cryptnet.dll[Padrão] cscdll : cscdll.dll[Padrão] ScCertProp : wlnotify.dll[Padrão] Schedule : wlnotify.dll[Padrão] sclgntfy : sclgntfy.dll[Padrão] SensLogn : WlNotify.dll[Padrão] termsrv : wlnotify.dll[Nova] WgaLogon : WgaLogon.dll[Nova] winopn32 : winopn32.dll[Padrão] wlballoon : wlnotify.dll[Padrão] WRNotifier : WRLogonNTF.dllEsta NÃO É uma lista de arquivos maliciosos!Aguardo mais instruções!!!

Sam Spade · Junho 3, 2007

Ok, o show-vundo mostra entradas do Vundo ainda. Poste um log do HijackThis para avaliação.

ruidurao · Junho 4, 2007

Logfile of HijackThis v1.99.1

Scan saved at 7:52:39 AM, on 04-Jun-07

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

c:\progra~1\mcafee\mcafee antispyware\massrv.exe

c:\program files\mcafee.com\agent\mcdetect.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\AGRSMMSG.exe

C:\windows\system32\rlvknlg.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\McAfee.com\VSO\mcvsshld.exe

C:\Program Files\McAfee.com\VSO\oasclnt.exe

c:\program files\mcafee.com\agent\mcagent.exe

c:\progra~1\mcafee.com\vso\mcvsescn.exe

c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\PROGRA~1\mcafee.com\mps\mscifapp.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe

C:\progra~1\mcafee\MCAFEE~1\masalert.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files\eMule\eMule.exe

C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\mcafee.com\shared\mghtml.exe

C:\HijackThis.exe

R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)

O2 - BHO: (no name) - {001983AC-F64C-4DE5-9892-8D6DE4A50B6F} - C:\WINDOWS\system32\vtuts.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll

O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll

O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll

O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll

O2 - BHO: (no name) - {4B646AFB-9341-4330-8FD1-C32485AEE619} - C:\WINDOWS\system32\mxbemviq.dll

O2 - BHO: (no name) - {56F1D444-11BF-4879-A12B-79CF0177F038} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {ED4519F6-5764-F469-38D1-E48E02B8CCF1} - (no file)