ComboFix 08-01-30.1 - @yesha 2008-01-29 22:40:25.1 - NTFSx86
Running from: C:\Documents and Settings\@yesha\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\@yesha\Application Data\BestsellerAntivirus
C:\Documents and Settings\@yesha\Application Data\BestsellerAntivirus\avtasks.dat
C:\Documents and Settings\@yesha\Application Data\BestsellerAntivirus\Logs\av.log
C:\Documents and Settings\@yesha\Application Data\BestsellerAntivirus\Logs\ga6Support.log
C:\Documents and Settings\@yesha\Application Data\BestsellerAntivirus\Logs\update.log
C:\Documents and Settings\@yesha\Application Data\BestsellerAntivirus\PGE.dat
C:\Documents and Settings\@yesha\Application Data\macromedia\Flash Player\#SharedObjects\3ZC86Y38\www.broadcaster.com
C:\Documents and Settings\@yesha\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\@yesha\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\@yesha\ResErrors.log
C:\Documents and Settings\@yesha\Start Menu\Programs\Awola
C:\Documents and Settings\@yesha\Start Menu\Programs\Awola\Awola Anti-Spyware 6.0.lnk
C:\Documents and Settings\@yesha\Start Menu\Programs\Awola\Uninstall Awola Anti-Spyware 6.0.lnk
C:\Documents and Settings\@yesha\Start Menu\Programs\Internet Speed Monitor
C:\Documents and Settings\@yesha\Start Menu\Programs\Internet Speed Monitor\Check Now.lnk
C:\Documents and Settings\@yesha\Start Menu\Programs\Internet Speed Monitor\Uninstall.lnk
C:\Documents and Settings\All Users\Application Data\salesmonitor
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin1.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin2.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin3.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin4.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin5.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin6.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin7.zip
C:\Documents and Settings\All Users\Start Menu\Live Safety Center.lnk
C:\Program Files\3721
C:\Program Files\3721\assist\asbar.dll
C:\Program Files\3721\helper.dll
C:\Program Files\Accoona
C:\Program Files\Accoona\ASearchAssist.dll
C:\Program Files\akl
C:\Program Files\akl\akl.dll
C:\Program Files\akl\akl.exe
C:\Program Files\akl\curlog.htm
C:\Program Files\akl\keylog.txt
C:\Program Files\akl\readme.txt
C:\Program Files\akl\uninstall.exe
C:\Program Files\akl\unsetup.dat
C:\Program Files\akl\unsetup.exe
C:\Program Files\amsys
C:\Program Files\amsys\awmsg.dat
C:\Program Files\amsys\guid.dat
C:\Program Files\amsys\ijl15.dll
C:\Program Files\amsys\mfc42.dll
C:\Program Files\amsys\msvcrt.dll
C:\Program Files\amsys\unins000.dat
C:\Program Files\amsys\unis000.exe
C:\Program Files\amsys\winam.dat
C:\Program Files\Common Files\inetget2
C:\Program Files\e-zshopper
C:\Program Files\e-zshopper\BarLcher.dll
C:\Program Files\ISM2
C:\Program Files\ISM2\dictionary.gz
C:\Program Files\ISM2\ISMPack6.exe
C:\Program Files\ISM2\targets.gz
C:\Program Files\p2pnetworks
C:\Program Files\p2pnetworks\amp2pl.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\xOe
C:\Temp\xOe\tOasF.log
C:\UGA6P
C:\WINDOWS\764.exe
C:\WINDOWS\7search.dll
C:\WINDOWS\83122.exe
C:\WINDOWS\absolute key logger.lnk
C:\WINDOWS\aconti.exe
C:\WINDOWS\aconti.ini
C:\WINDOWS\aconti.log
C:\WINDOWS\aconti.sdb
C:\WINDOWS\acontidialer.txt
C:\WINDOWS\adbar.dll
C:\WINDOWS\cbinst$.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\daxtime.dll
C:\WINDOWS\default.htm
C:\WINDOWS\dp0.dll
C:\WINDOWS\eventlowg.dll
C:\WINDOWS\fhfmm-Uninstaller.exe
C:\WINDOWS\fhfmm.exe
C:\WINDOWS\flt.dll
C:\WINDOWS\hcwprn.exe
C:\WINDOWS\hotporn.exe
C:\WINDOWS\ie_32.exe
C:\WINDOWS\iexplorr23.dll
C:\WINDOWS\jd2002.dll
C:\WINDOWS\kkcomp$.exe
C:\WINDOWS\kkcomp.dll
C:\WINDOWS\kkcomp.exe
C:\WINDOWS\kvnab$.exe
C:\WINDOWS\kvnab.dll
C:\WINDOWS\kvnab.exe
C:\WINDOWS\liqad$.exe
C:\WINDOWS\liqad.dll
C:\WINDOWS\liqad.exe
C:\WINDOWS\liqui-Uninstaller.exe
C:\WINDOWS\liqui.dll
C:\WINDOWS\liqui.exe
C:\WINDOWS\ngd.dll
C:\WINDOWS\pbar.dll
C:\WINDOWS\pbsysie.dll
C:\WINDOWS\PerfInfo
C:\WINDOWS\PerfInfo\zmUCrjJoabwp.exe
C:\WINDOWS\settn.dll
C:\WINDOWS\spredirect.dll
C:\WINDOWS\system32\aahaeixd.ini
C:\WINDOWS\system32\ace16win.dll
C:\WINDOWS\system32\acespy
C:\WINDOWS\system32\acespy\__acelog.ndx
C:\WINDOWS\system32\acespy\systune.exe
C:\WINDOWS\system32\apkygjkf.ini
C:\WINDOWS\system32\aqqauuda.ini
C:\WINDOWS\system32\atvffwpi.exe
C:\WINDOWS\system32\awuowldp.exe
C:\WINDOWS\system32\biobpwfc.ini
C:\WINDOWS\system32\bkfoagtt.ini
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\btvlccmb.ini
C:\WINDOWS\system32\cdcehoso.ini
C:\WINDOWS\system32\chxsdumm.ini
C:\WINDOWS\system32\cjmahtcx.exe
C:\WINDOWS\system32\cnlcwbwi.ini
C:\WINDOWS\system32\conf.dat
C:\WINDOWS\system32\cxiwlrfd.ini
C:\WINDOWS\system32\dcpopjqh.ini
C:\WINDOWS\system32\dhksgfas.dll
C:\WINDOWS\system32\dnitdihc.ini
C:\WINDOWS\system32\dpavbloh.ini
C:\WINDOWS\system32\dtujylax.ini
C:\WINDOWS\system32\dwuckars.ini
C:\WINDOWS\system32\eadnsyqx.dll
C:\WINDOWS\system32\ehasguvt.ini
C:\WINDOWS\system32\erodfiuv.ini
C:\WINDOWS\system32\ESHOPEE.exe
C:\WINDOWS\system32\faaxfqvg.exe
C:\WINDOWS\system32\fghoskmp.ini
C:\WINDOWS\system32\filjgdpt.ini
C:\WINDOWS\system32\fjhhwlwv.ini
C:\WINDOWS\system32\fleucurs.ini
C:\WINDOWS\system32\flkvkrcc.ini
C:\WINDOWS\system32\fquisjmr.ini
C:\WINDOWS\system32\fuvnuwlp.dll
C:\WINDOWS\system32\gkvnrlhr.ini
C:\WINDOWS\system32\glbvvmbs.ini
C:\WINDOWS\system32\gnrcmsbp.ini
C:\WINDOWS\system32\gorriohs.exe
C:\WINDOWS\system32\gqcvawfy.ini
C:\WINDOWS\system32\hacvsoba.ini
C:\WINDOWS\system32\hmeyoxix.ini
C:\WINDOWS\system32\hmnuvbxm.ini
C:\WINDOWS\system32\hsklogsi.ini
C:\WINDOWS\system32\hwncvqyp.ini
C:\WINDOWS\system32\hwnvlyjb.ini
C:\WINDOWS\system32\hxtnhkct.exe
C:\WINDOWS\system32\ietdotjt.exe
C:\WINDOWS\system32\ivoihcpn.ini
C:\WINDOWS\system32\iykrwsjd.dll
C:\WINDOWS\system32\jcubrxdr.ini
C:\WINDOWS\system32\jkfnnort.dll
C:\WINDOWS\system32\jlyiajnd.ini
C:\WINDOWS\system32\jnwequvl.ini
C:\WINDOWS\system32\jwaamicv.ini
C:\WINDOWS\system32\kcocdrlg.ini
C:\WINDOWS\system32\kfiefjxq.ini
C:\WINDOWS\system32\kvmwhdem.ini
C:\WINDOWS\system32\lshdqnkn.ini
C:\WINDOWS\system32\lt.res
C:\WINDOWS\system32\lwhjvlwh.dll
C:\WINDOWS\system32\lyogngoy.ini
C:\WINDOWS\system32\maktqydc.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mkmbwcyn.ini
C:\WINDOWS\system32\moehgduq.ini
C:\WINDOWS\system32\msole32.exe
C:\WINDOWS\system32\mvmenozx.dllbox
C:\WINDOWS\system32\njkttmiv.ini
C:\WINDOWS\system32\njnjendq.ini
C:\WINDOWS\system32\nobqkrsi.dll
C:\WINDOWS\system32\nusrmgr.exe
C:\WINDOWS\system32\oaevwaxj.dll
C:\WINDOWS\system32\oenbxfcf.ini
C:\WINDOWS\system32\ohactoix.exe
C:\WINDOWS\system32\otfvwise.ini
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pdfojnca.ini
C:\WINDOWS\system32\peuuktit.dll
C:\WINDOWS\system32\phowpwgh.ini
C:\WINDOWS\system32\pwkyfbvp.ini
C:\WINDOWS\system32\pwspuhcc.ini
C:\WINDOWS\system32\pxjqljft.exe
C:\WINDOWS\system32\q21
C:\WINDOWS\system32\qajlqbqt.ini
C:\WINDOWS\system32\qfovoxlb.dll
C:\WINDOWS\system32\qoghauuq.ini
C:\WINDOWS\system32\rbgmahmv.ini
C:\WINDOWS\system32\rbmqsnup.dll
C:\WINDOWS\system32\rmtosbbe.ini
C:\WINDOWS\system32\rsihmwam.ini
C:\WINDOWS\system32\sahgsnon.ini
C:\WINDOWS\system32\sft.res
C:\WINDOWS\system32\shuxjmcl.ini
C:\WINDOWS\system32\skudxgbq.ini
C:\WINDOWS\system32\ssdppyhl.ini
C:\WINDOWS\system32\subalxjh.dll
C:\WINDOWS\system32\svvybvsi.ini
C:\WINDOWS\system32\tedsvncn.ini
C:\WINDOWS\system32\tmlumhvy.ini
C:\WINDOWS\system32\tuuhlchr.ini
C:\WINDOWS\system32\uavwudkj.exe
C:\WINDOWS\system32\ucisxtpp.ini
C:\WINDOWS\system32\udgcwnnh.ini
C:\WINDOWS\system32\uqmmxyim.exe
C:\WINDOWS\system32\utaecpoy.ini
C:\WINDOWS\system32\uymyzwgn.dllbox
C:\WINDOWS\system32\venfggdd.ini
C:\WINDOWS\system32\vjoldvnl.ini
C:\WINDOWS\system32\vMW02a
C:\WINDOWS\system32\vsaqhnmt.ini
C:\WINDOWS\system32\vxddsk.exe
C:\WINDOWS\system32\vyuyjnsb.ini
C:\WINDOWS\system32\wegqdyyh.ini
C:\WINDOWS\system32\wkahbltk.ini
C:\WINDOWS\system32\wkahbltk.tmp2
C:\WINDOWS\system32\wml.exe
C:\WINDOWS\system32\wspshokt.ini
C:\WINDOWS\system32\wxjtjuuk.ini
C:\WINDOWS\system32\xdfawagw.ini
C:\WINDOWS\system32\xljvouxd.ini
C:\WINDOWS\system32\xulmtkid.ini
C:\WINDOWS\system32\xxritayu.dll
C:\WINDOWS\system32\yprcmhcx.dll
C:\WINDOWS\system32\ysfslhde.ini
C:\WINDOWS\system32\yyynjeri.ini
C:\WINDOWS\vxddsk.exe
C:\WINDOWS\wbeCheck.exe
C:\WINDOWS\wbeInst$.exe
C:\WINDOWS\wml.exe
C:\WINDOWS\xadbrk.dll
C:\WINDOWS\xadbrk.exe
C:\WINDOWS\xadbrk_.exe
C:\WINDOWS\xxxvideo.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_FMTR
-------\LEGACY_NETWORK_MONITOR
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-30 )))))))))))))))))))))))))))))))
.
2008-01-28 20:22 . 2008-01-28 20:22 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-28 19:56 . 2008-01-28 20:17 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-28 19:42 . 2008-01-28 19:42 2,855 --a------ C:\WINDOWS\Shortcut to fhfmm.pif
2008-01-27 21:09 . 2008-01-27 21:09 <DIR> d--h----- C:\WINDOWS\PIF
2008-01-26 16:43 . 2008-01-26 16:43 <DIR> d-------- C:\WINDOWS\rwtrmceq
2008-01-26 16:42 . 2008-01-26 16:42 189,952 --a------ C:\WINDOWS\ngrmxatg.dll
2008-01-26 16:40 . 2008-01-26 16:40 89,617 --a------ C:\WINDOWS\system32\rxjddnvj.exe.vir
2008-01-26 16:25 . 2008-01-26 16:25 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Roxio
2008-01-26 16:21 . 2008-01-26 16:21 100,672 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2008-01-26 16:19 . 2008-01-29 22:51 256 --a------ C:\Documents and Settings\@yesha\pool.bin
2008-01-26 01:37 . 2008-01-27 00:23 <DIR> d-------- C:\Documents and Settings\@yesha\Application Data\Roxio
2008-01-26 01:34 . 2008-01-26 01:34 <DIR> d-------- C:\Documents and Settings\@yesha\Application Data\Research In Motion
2008-01-26 01:34 . 2008-01-26 02:33 256 --a------ C:\WINDOWS\system32\pool.bin
2008-01-26 01:23 . 2008-01-26 01:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2008-01-26 01:13 . 2008-01-26 01:14 <DIR> d-------- C:\Program Files\Roxio
2008-01-26 01:13 . 2008-01-26 01:22 <DIR> d-------- C:\Program Files\Common Files\Sonic Shared
2008-01-26 01:13 . 2008-01-26 16:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Roxio
2008-01-26 01:11 . 2008-01-26 01:15 <DIR> d-------- C:\Program Files\Common Files\Roxio Shared
2008-01-26 01:01 . 2007-01-18 10:24 26,496 -ra------ C:\WINDOWS\system32\drivers\RimSerial.sys
2008-01-26 00:59 . 2008-01-26 00:59 <DIR> d-------- C:\Documents and Settings\@yesha\Application Data\Blackberry Desktop
2008-01-26 00:57 . 2008-01-26 00:57 <DIR> d-------- C:\Program Files\Common Files\Research In Motion
2008-01-26 00:56 . 2008-01-26 00:56 <DIR> d-------- C:\Program Files\Research In Motion
2008-01-26 00:47 . 2008-01-26 00:47 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-01-23 18:55 . 2008-01-23 18:55 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-23 18:55 . 2008-01-23 18:55 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-23 18:55 . 2008-01-23 18:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-23 18:45 . 2008-01-23 18:57 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-01-23 18:06 . 2008-01-23 18:06 0 --ahs---- C:\Documents and Settings\@yesha\Application Data\
0033a8700d.dat
2008-01-23 16:30 . 2008-01-28 19:42 <DIR> d-------- C:\Documents and Settings\@yesha\Application Data\AVG7
2008-01-23 16:29 . 2008-01-23 16:29 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-23 16:27 . 2008-01-23 18:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-22 19:38 . 2008-01-23 15:37 354 --ahs---- C:\WINDOWS\system32\hvenpqog.ini
2008-01-22 01:48 . 2008-01-22 01:48 0 --ahs---- C:\Documents and Settings\@yesha\Application Data\.dat
2008-01-19 15:03 . 2008-01-19 15:03 489,984 --a------ C:\Documents and Settings\@yesha\installer.exe
2008-01-17 20:59 . 2008-01-23 15:38 488,702 --a------ C:\WINDOWS\system32\adeeg.ini2.vir
2008-01-13 00:51 . 2008-01-29 21:45 16,633 --a------ C:\WINDOWS\BM9391fbe3.xml
2008-01-13 00:51 . 2008-01-29 21:59 22 --a------ C:\WINDOWS\pskt.ini
2008-01-02 04:43 . 2008-01-02 04:43 153 --a------ C:\WINDOWS\system32\delFSF.bat
2008-01-01 23:37 . 2008-01-01 23:38 67,407 --a------ C:\NOYt.exe
2008-01-01 03:07 . 2008-01-01 03:07 <DIR> d-------- C:\Program Files\RcvSystem
2007-12-25 05:17 . 2007-12-25 05:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Dell
2007-12-14 11:32 . 2007-12-14 11:32 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2007-12-06 01:04 . 2007-12-06 05:40 354 --ahs---- C:\WINDOWS\system32\ysgtwujr.ini
2007-12-05 15:10 . 2007-12-05 15:10 1,339 --a------ C:\WINDOWS\system32\inhmhbxe.dll
2007-12-05 15:07 . 2007-12-05 15:07 1,339 --a------ C:\WINDOWS\system32\arunirmq.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-30 04:51 --------- d-----w C:\Program Files\Ares
2008-01-30 04:49 6,815,744 ---ha-w C:\Documents and Settings\@yesha\NTUSER.DAT
2008-01-27 08:16 --------- d-----w C:\Program Files\WebHost
2008-01-24 22:42 --------- d-----w C:\Program Files\Yahoo!
2008-01-24 01:57 --------- d--h--w C:\Documents and Settings\@yesha\Application Data\Move Networks
2008-01-24 00:25 5,632 -csha-w C:\Program Files\Thumbs.db
2008-01-23 22:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-22 07:48 0 --sha-w C:\Documents and Settings\@yesha\Application Data\.dat
2008-01-22 05:48 --------- d-----w C:\Program Files\BitComet
2007-10-09 09:01 294,668 ----a-w C:\WINDOWS\frexup2.exe
2007-05-20 23:37 20 -c-h--w C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
2005-07-29 21:24 472 --sha-r C:\WINDOWS\QHllc2hh\kJ55wZ11.vbs
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{71047564-1dd2-11b2-8046-8c8d68d77de6}]
C:\WINDOWS\ohmtgzat.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
{37B85A29-692B-4205-9CAD-2626E4993404}
{DE9C389F-3316-41A7-809B-AA305ED9D922}
{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F}
{07AA283A-43D7-4CBE-A064-32A21112D94D}
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
[HKEY_CLASSES_ROOT\clsid\{0d045baa-4bd3-4c94-be8b-21536bd6bd9f}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F}"= C:\Program Files\Video ActiveX Object\iesplugin.dll [ ]
[HKEY_CLASSES_ROOT\clsid\{0d045baa-4bd3-4c94-be8b-21536bd6bd9f}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [2006-08-01 14:35 67112]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 10:09 460784]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 07:18 307200]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 03:40 218032]
"ares"="C:\Program Files\Ares\Ares.exe" [2005-08-16 16:36 896512]
"DellTransferAgent"="C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [2007-11-13 15:46 135168]
"QdrPack12"="C:\Program Files\QdrPack\QdrPack12.exe" [ ]
"RIMDeviceManager"="C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" [2007-04-13 17:19 1320472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-09-13 15:33 155648]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-02-15 14:02 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-02-15 14:02 126976]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 13:59 385024]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2005-03-04 10:26 606208]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [ ]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-09-11 03:40 218032]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 03:40 86960]
"SpySpotter System Defender"="C:\Program Files\SpySpotter3\Defender.exe" [ ]
"mmtask"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2005-03-15 08:58 53248]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 18:05 257088]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 08:41 282624]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 20:52 49152]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-18 19:22 185632]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"NI.UGES_0002_N108M1607"="C:\Documents and Settings\@yesha\My Documents\My Videos\House MD\setup_en.exe" [ ]
"plite731"="C:\WINDOWS\plite731.exe" [ ]
"90a2c87f"="C:\WINDOWS\system32\goqpnevh.dll" [ ]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-23 16:27 579072]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-04-23 11:43 228088]
"BM9391fbe3"="C:\WINDOWS\system32\evjelptq.dll" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-23 16:28 219136]
C:\Documents and Settings\@yesha\Start Menu\Programs\Startup\
Desktop Manager.lnk - C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe [2007-05-31 14:49:06 1283608]
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe [2007-07-20 11:57:16 2913584]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-01-02 18:29:00 113664]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 03:44:06 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-08-15 22:26:29 24576]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 20:40:10 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 00:01:04 83360]
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 10:59:36 806912]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 15:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2005-08-16 16:36 896512 C:\Program Files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearFlix]
C:\Program Files\BearFlix\BearFlix.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
C:\Program Files\BearShare\BearShare.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--------- 2005-02-23 15:19 53248 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\freestyle]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\McAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 10:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UGA6P_0001_N115M0110]
C:\Documents and Settings\@yesha\Local Settings\Temp\qrjatydi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
C:\Program Files\Eset\nod32kui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt]
C:\Program Files\McAfee.com\VSO\oasclnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2004-04-11 19:15 290816 C:\Program Files\Dell\Media Experience\PCMService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\plite731]
C:\WINDOWS\plite731.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchIndexer]
C:\WINDOWS\system32\jnaorwlh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZangoOE]
C:\Program Files\Zango\bin\10.0.341.0\OEAddOn.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZangoSA]
C:\Program Files\Zango\bin\10.0.341.0\ZangoSA.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SharedAccess"=2 (0x2)
R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2005-10-16 18:06]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 15:38]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{259b8c36-7aec-11dc-bae7-00123fe316ac}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
"2008-01-30 01:47:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-01-29 22:52:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Ares\Ares.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
.
**************************************************************************
.
Completion time: 2008-01-29 22:57:20 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-30 04:57:14
.
2008-01-24 00:21:51 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:40 PM, on 1/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Ares\Ares.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.weather.c...om=recentsearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: (no name) - {71047564-1dd2-11b2-8046-8c8d68d77de6} - C:\WINDOWS\ohmtgzat.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [NI.UGES_0002_N108M1607] "C:\Documents and Settings\@yesha\My Documents\My Videos\House MD\setup_en.exe" -nag
O4 - HKLM\..\Run: [plite731] C:\WINDOWS\plite731.exe
O4 - HKLM\..\Run: [90a2c87f] rundll32.exe "C:\WINDOWS\system32\goqpnevh.dll",b
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [BM9391fbe3] Rundll32.exe "C:\WINDOWS\system32\evjelptq.dll",s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - HKCU\..\Run: [QdrPack12] "C:\Program Files\QdrPack\QdrPack12.exe"
O4 - HKCU\..\Run: [RIMDeviceManager] "C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgree...eensActivia.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.co...nstallAsst2.cab
O16 - DPF: {EEC9DBCC-04AD-4A1B-BEA7-C6DAD9515D5A} (Pearson MyEconLab Player Control) - http://asp.mathxl.co.../EconPlayer.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia....upv2.0.0.10.cab?
O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)
O22 - SharedTaskScheduler: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - http://danteworlds.l.../dantefront.jpg
O24 - Desktop Component 1: (no name) - http://ll.static.abc.../background.jpg
--
End of file - 14951 bytes