++++++++++++++++++++++++++++++++++++++++++++++
ComboFix 08-02.01.6 - Owner 2008-02-01 13:03:14.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.450 [GMT -6:00]
Running from: c:\documents and settings\owner\desktop\combofix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
The following files were disabled during the run:
C:\WINDOWS\System32\uohsom.dll
C:\WINDOWS\System32\ijougiemnaw.dll
C:\WINDOWS\System32\niluw.dll
C:\WINDOWS\System32\naixuhz.dll
C:\WINDOWS\System32\iqnauhc.dll
C:\WINDOWS\System32\xhqq.dll
C:\WINDOWS\System32\hjxr.dll
C:\WINDOWS\System32\gnaixnauhqq.dll
C:\WINDOWS\System32\naijihzeuyouhz.dll
C:\WINDOWS\System32\msfdfr.dll
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\kzabqk41.sys
C:\Documents and Settings\All Users\Application Data\microsoft\office\system
C:\Documents and Settings\All Users\Application Data\microsoft\office\userdata
C:\Documents and Settings\All Users\Application Data\microsoft\pctools
C:\Documents and Settings\Owner\Favorites\4bb6~1.lnk
C:\Documents and Settings\Owner\Favorites\7BFA~1.URL
C:\Program Files\ad4all
C:\Program Files\ad4all\Install.exe
C:\Program Files\ad4all\install.ini
C:\Program Files\ad4all\link1\eachlink.htm
C:\Program Files\ad4all\link1\eachlink.ico
C:\Program Files\ad4all\link1\ebaylink.ico
C:\Program Files\ad4all\link1\install.ini
C:\Program Files\ad4all\link1\Thumbs.db
C:\Program Files\Internet Explorer\IEXPLORE32.jmp
C:\Program Files\Internet Explorer\IEXPLORE32.Sys
C:\Program Files\Internet Explorer\PLUGINS\Sy_Win7k.Jmp
C:\Program Files\internet explorer\plugins\wn_sys8x.sys
C:\Program Files\winantispyware 2006 scanner
C:\RECYCLER\hpothb07.dat
C:\WINDOWS\14410a2d39.dll
C:\WINDOWS\40087.exe
C:\WINDOWS\4a1.bmp
C:\WINDOWS\ABNQDLKTRIGS.DLL
C:\WINDOWS\alexaie.dll
C:\WINDOWS\alxie328.dll
C:\WINDOWS\alxtb1.dll
C:\WINDOWS\arun.reg
C:\WINDOWS\AZBUD.DLL
C:\WINDOWS\banbwvok.dll
C:\WINDOWS\Downloaded Program Files.\ieodob.dll
C:\WINDOWS\Downloaded Program Files.\mszilgb2.dll
C:\WINDOWS\Downloaded Program Files\UWAS6_0001_N68M2301NetInstaller.exe
C:\WINDOWS\FLHKOUO.DLL
C:\WINDOWS\fn00321.log
C:\WINDOWS\Fonts\avwghina.dll
C:\WINDOWS\Fonts\avzxlin.dll
C:\WINDOWS\Fonts\enhuafx.fon
C:\WINDOWS\Fonts\enweafx.fon
C:\WINDOWS\Fonts\gjcscssb.dll
C:\WINDOWS\Fonts\gjcsdss.dll
C:\WINDOWS\Fonts\gjcuaxw.fon
C:\WINDOWS\Fonts\gjcubxw.fon
C:\WINDOWS\Fonts\gjfeaxw.fon
C:\WINDOWS\Fonts\gjfhass.dll
C:\WINDOWS\Fonts\kaqhlcsa.dll
C:\WINDOWS\Fonts\kawdicsb.dll
C:\WINDOWS\Fonts\msguasd.fon
C:\WINDOWS\Fonts\mszhasd.fon
C:\WINDOWS\Fonts\swrcfcs.dll
C:\WINDOWS\Fonts\wireafw.fon
C:\WINDOWS\NHZLMNBCNK.DLL
C:\WINDOWS\rising131.exe
C:\WINDOWS\rising146.exe
C:\WINDOWS\rising892.exe
C:\WINDOWS\susp.exe
C:\WINDOWS\system\dvl
C:\WINDOWS\system\lvl
C:\WINDOWS\system32\
0_exception.nls
C:\WINDOWS\system32\
034.exe
C:\WINDOWS\system32\40d7a5b538.dll
C:\WINDOWS\system32\aad1.dlltmp
C:\WINDOWS\system32\adurl.ini
C:\WINDOWS\system32\bho.dll
C:\WINDOWS\system32\BTFMH.DLL
C:\WINDOWS\system32\d3d1caps.srg
C:\WINDOWS\system32\DAA_DAA_1030.dll
C:\WINDOWS\system32\dailytoolbar.dll
C:\WINDOWS\system32\dnabeser.dat
C:\WINDOWS\system32\dodolook591.exe
C:\WINDOWS\system32\drivers\kzabqk41.sys
C:\WINDOWS\system32\drivers\usbhelp.sys
C:\WINDOWS\system32\drivers\usbshow.sys
C:\WINDOWS\system32\hjiq.dll
C:\WINDOWS\system32\IGB_CQSJ_1024.dll
C:\WINDOWS\system32\inf\svch0st.exe
C:\WINDOWS\system32\inf\svchost.exe
C:\WINDOWS\system32\ini.~tmp
C:\WINDOWS\system32\jao.dll
C:\WINDOWS\system32\key.~tmp
C:\WINDOWS\system32\kr_done1
C:\WINDOWS\system32\kzabqk41.dllmmc.pkm
C:\WINDOWS\system32\mprmsgse.axz
C:\WINDOWS\system32\mscpx32r.det
C:\WINDOWS\system32\mshtmll.dll
C:\WINDOWS\system32\questmod.dll
C:\WINDOWS\system32\setyahoo.ini
C:\WINDOWS\system32\SHAProc.dll
C:\WINDOWS\system32\svcp.csv
C:\WINDOWS\system32\thlwin32.dll
C:\WINDOWS\system32\TXZUKRZDYCTALZ.DLL
C:\WINDOWS\system32\usbhelp.exe
C:\WINDOWS\system32\usbshow.dll
C:\WINDOWS\system32\vx.tll
C:\WINDOWS\system32\VXYVGOTNEEK.EXE
C:\WINDOWS\system32\VXYVGOTNEEK.EXE.tmp
C:\WINDOWS\system32\wbem\RGZQQ.MDA
C:\WINDOWS\system32\winsub.xml
C:\windows\system32\YAKXACJWARCBXBA.EXE
C:\WINDOWS\ukfaanrg.dll
C:\WINDOWS\vviepsjc.dll
C:\WINDOWS\wr.txt
D:\Autorun.inf
E:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_KZABQK41
-------\LEGACY_NDISWON
-------\LEGACY_PCIHARDDISK
-------\LEGACY_SYSLOADER
-------\LEGACY_WAMER
-------\LEGACY_YAHOOSVR
-------\kzabqk41
-------\NdisWon
-------\PciHardDisk
-------\sysloader
-------\wamer
-------\YahooSvr
((((((((((((((((((((((((( Files Created from 2008-01-01 to 2008-02-01 )))))))))))))))))))))))))))))))
.
2008-02-01 13:11 . 2008-02-01 13:11 12,032 --a------ C:\WINDOWS\system32\drivers\msaclue.sys
2008-02-01 12:52 . 2008-02-01 12:52 13,053 --a------ C:\WINDOWS\system32\naijihzeuyouhz.dll.vir
2008-02-01 12:52 . 2008-02-01 12:52 144 ---hs---- C:\WINDOWS\system32\naijihzeuyouhz.cfg
2008-02-01 12:50 . 2008-02-01 12:50 144 ---hs---- C:\WINDOWS\system32\hjiq.cfg
2008-02-01 12:49 . 2008-02-01 12:49 14,720 --a------ C:\WINDOWS\system32\iqnauhc.dll.vir
2008-02-01 12:49 . 2008-02-01 12:49 14,445 --a------ C:\WINDOWS\system32\xhqq.dll.vir
2008-02-01 12:49 . 2008-02-01 12:49 280 ---hs---- C:\WINDOWS\system32\xhqq.cfg
2008-02-01 12:49 . 2008-02-01 12:49 280 ---hs---- C:\WINDOWS\system32\iqnauhc.cfg
2008-02-01 12:48 . 2008-02-01 12:48 19,716 --a------ C:\WINDOWS\system32\hjxr.dll.vir
2008-02-01 12:48 . 2008-02-01 12:48 15,250 --a------ C:\WINDOWS\system32\naixuhz.dll.vir
2008-02-01 12:48 . 2008-02-01 12:48 12,210 --a------ C:\WINDOWS\system32\DAA_DAA_1030.exe
2008-02-01 12:48 . 2008-02-01 12:48 11,828 --a------ C:\WINDOWS\system32\IGB_CQSJ_1024.exe
2008-02-01 12:48 . 2008-02-01 12:52 9,344 --a------ C:\WINDOWS\system32\msepion.sys
2008-02-01 12:48 . 2008-02-01 12:48 144 ---hs---- C:\WINDOWS\system32\naixuhz.cfg
2008-02-01 12:48 . 2008-02-01 12:48 144 ---hs---- C:\WINDOWS\system32\hjxr.cfg
2008-02-01 12:46 . 2008-02-01 12:46 198 --a------ C:\WINDOWS\MicroSoft.vbs
2008-02-01 12:45 . 2008-02-01 12:45 0 --a------ C:\WINDOWS\WCFNWJXACTAHTW.DAT.tmp
2008-02-01 12:21 . 2008-02-01 12:21 31,232 --a------ C:\WINDOWS\system32\dsxwgp.dll
2008-02-01 12:21 . 2008-01-25 13:05 18,274 --a------ C:\WINDOWS\qjgvmc.exe
2008-01-28 14:19 . 2008-01-28 14:19 17,657 --a------ C:\WINDOWS\system32\drivers\92.exe
2008-01-28 14:09 . 2008-01-28 14:09 31,232 --a------ C:\WINDOWS\system32\iktnmy.dll
2008-01-28 14:08 . 2008-01-28 14:08 36,864 --a------ C:\WINDOWS\system32\boanlo.dll
2008-01-28 13:52 . 2008-01-28 13:52 18,272 --a------ C:\WINDOWS\fzsxaw.exe
2008-01-28 13:50 . 2008-01-28 13:50 21,784 --a------ C:\WINDOWS\mfzlgr.exe
2008-01-28 13:49 . 2008-01-28 13:49 34,433 --a------ C:\WINDOWS\system32\drivers\
0.exe
2008-01-28 13:48 . 2008-01-28 13:48 13,336 --a------ C:\WINDOWS\system32\drivers\xx.exe
2008-01-28 13:30 . 2008-01-28 13:30 31,232 --a------ C:\WINDOWS\system32\ibehye.dll
2008-01-26 00:49 . 2008-01-25 23:18 20,793 --a------ C:\WINDOWS\yrscaz.exe
2008-01-25 23:19 . 2008-01-25 23:18 20,793 --a------ C:\WINDOWS\ozpxdh.exe
2008-01-25 23:18 . 2008-01-25 23:18 31,232 --a------ C:\WINDOWS\system32\lpolhf.dll
2008-01-25 23:18 . 2008-01-25 23:20 49 --a------ C:\zycj.bat
2008-01-25 23:16 . 2008-01-25 13:10 16,541 --a------ C:\WINDOWS\system32\ijougiemnaw.dll.vir
2008-01-25 23:16 . 2008-01-25 13:10 280 ---hs---- C:\WINDOWS\system32\ijougiemnaw.cfg
2008-01-25 23:15 . 2008-01-25 13:05 9,694 ---hs---- C:\WINDOWS\zfyvoacsv.exe
2008-01-25 23:15 . 2008-01-25 13:05 9,694 ---hs---- C:\WINDOWS\vesclzsl.exe
2008-01-25 23:15 . 2008-02-01 12:20 8,192 --ahs---- C:\WINDOWS\zfyvoacsv.exe.hiv
2008-01-25 23:15 . 2008-02-01 12:20 768 --a------ C:\WINDOWS\szitqell.dat
2008-01-25 23:15 . 2008-01-25 13:04 512 --a------ C:\WINDOWS\nqqleamr.dat
2008-01-25 23:15 . 2008-02-01 12:20 76 --a------ C:\WINDOWS\yeosvhae.dat
2008-01-25 23:14 . 2008-02-01 12:49 14,890 --a------ C:\WINDOWS\system32\niluw.dll.vir
2008-01-25 23:14 . 2008-02-01 12:49 416 ---hs---- C:\WINDOWS\system32\niluw.cfg
2008-01-25 23:13 . 2008-02-01 12:52 17,589 --a------ C:\WINDOWS\system32\uohsom.dll.vir
2008-01-25 23:12 . 2008-02-01 12:52 552 ---hs---- C:\WINDOWS\system32\uohsom.cfg
2008-01-25 15:57 . 2008-01-25 15:57 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-01-25 13:09 . 2008-01-25 13:09 14,384 --a------ C:\WINDOWS\system32\gnaixnauhqq.dll.vir
2008-01-25 13:08 . 2008-01-25 13:08 144 ---hs---- C:\WINDOWS\system32\gnaixnauhqq.cfg
2008-01-25 13:05 . 2008-01-25 13:05 32,653 --a------ C:\WINDOWS\system32\NBNCompress.dll
2008-01-10 00:02 . 2008-02-01 12:45 2,870 --a------ C:\WINDOWS\WCFNWJXACTAHTW.DAT
2008-01-09 23:59 . 2008-02-01 12:48 89 --a------ C:\WINDOWS\system32\YIQGYM.OKC
2008-01-09 23:57 . 2003-04-26 00:37 <DIR> d-------- C:\Documents and Settings\ALL\WINDOWS
2008-01-09 23:57 . 2003-04-28 20:30 <DIR> d-------- C:\Documents and Settings\ALL\Application Data\Symantec
2008-01-09 23:57 . 2003-04-26 01:01 <DIR> d-------- C:\Documents and Settings\ALL\Application Data\SampleView
2008-01-09 23:57 . 2003-04-26 00:32 <DIR> d-------- C:\Documents and Settings\ALL\Application Data\InterTrust
2008-01-09 17:28 . 2008-01-09 17:28 <DIR> d-------- C:\WINDOWS\system32\8427E
2008-01-09 16:42 . 2008-01-25 23:41 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2008-01-09 16:41 . 2008-01-09 16:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-09 16:41 . 2008-01-09 16:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-09 16:41 . 2008-02-01 11:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-08 17:18 . 2008-01-08 17:18 <DIR> d-------- C:\Program Files\Crawler
2008-01-08 17:18 . 2008-02-01 11:50 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Spyware Terminator
2008-01-08 17:18 . 2008-02-01 12:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-01-08 17:18 . 2008-01-08 17:18 8 --a------ C:\WINDOWS\system32\-58-10458-61
2008-01-08 17:17 . 2008-02-01 12:21 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-01-08 17:17 . 2008-01-08 17:17 1,839,104 --a------ C:\WINDOWS\system32\servershow.dll
2008-01-08 17:17 . 2008-01-08 17:17 1,839,104 --a------ C:\WINDOWS\system32\drivers\servershow.sys
2008-01-08 17:17 . 2008-01-08 17:17 374,784 --a------ C:\WINDOWS\system32\serverhelp.exe
2008-01-08 17:17 . 2008-01-08 17:17 374,784 --a------ C:\WINDOWS\system32\drivers\serverhelp.sys
2008-01-08 17:17 . 2008-01-08 17:17 27,136 -r-hs---- C:\WINDOWS\system32\wincheck080121.dll
2008-01-08 17:16 . 2008-01-08 17:16 78 --a------ C:\WINDOWS\system32\zuoyue32.ini
2008-01-08 17:15 . 2008-01-11 15:51 201,216 --a------ C:\WINDOWS\system32\mwiszyys32_080121.dll
2008-01-08 17:15 . 2008-01-08 17:15 25,600 --a------ C:\WINDOWS\system32\lwizysys16_080121.dll
2008-01-08 17:15 . 2008-01-11 15:51 536 --a------ C:\WINDOWS\zuoyue16.ini
2008-01-08 17:03 . 2003-04-26 00:37 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-B79WZ4ROSE.000\WINDOWS
2008-01-08 17:03 . 2003-04-28 20:30 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-B79WZ4ROSE.000\Application Data\Symantec
2008-01-08 17:03 . 2003-04-26 01:01 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-B79WZ4ROSE.000\Application Data\SampleView
2008-01-08 17:03 . 2003-04-26 00:32 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-B79WZ4ROSE.000\Application Data\InterTrust
2008-01-08 16:58 . 2003-04-26 00:37 <DIR> d-------- C:\Documents and Settings\Administrator.YOUR-B79WZ4ROSE\WINDOWS
2008-01-01 10:13 . 2003-09-04 18:19 2,360,374 --a------ C:\WINDOWS\Wallpaper_Tutu.bmp
2008-01-01 03:29 . 2008-01-01 03:29 16,384 --a------ C:\WINDOWS\system32\admin1_ver1231.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-01 18:52 3 ----a-w C:\WINDOWS\system32\drivers\zy.txt
2008-02-01 18:52 3 ----a-w C:\WINDOWS\system32\drivers\wow6.txt
2008-02-01 18:50 3 ----a-w C:\WINDOWS\system32\drivers\qj.txt
2008-02-01 18:49 3 ----a-w C:\WINDOWS\system32\drivers\wl.txt
2008-02-01 18:49 3 ----a-w C:\WINDOWS\system32\drivers\cq.txt
2008-02-01 18:48 3 ----a-w C:\WINDOWS\system32\drivers\zx.txt
2008-02-01 18:48 3 ----a-w C:\WINDOWS\system32\drivers\wm.txt
2008-02-01 18:48 3 ----a-w C:\WINDOWS\system32\drivers\jh.txt
2008-02-01 18:48 3 ----a-w C:\WINDOWS\system32\drivers\hx.txt
2008-02-01 18:48 3 ----a-w C:\WINDOWS\system32\drivers\cs.txt
2008-02-01 18:47 3 ----a-w C:\WINDOWS\system32\drivers\wd.txt
2008-02-01 18:47 3 ----a-w C:\WINDOWS\system32\drivers\tl.txt
2008-02-01 18:47 3 ----a-w C:\WINDOWS\system32\drivers\1.txt
2008-02-01 18:21 21,900 ----a-w C:\WINDOWS\system32\drivers\NYJEKHJXRJ.DAT
2008-01-28 19:52 3 ----a-w C:\WINDOWS\system32\drivers\91.txt
2008-01-28 19:51 3 ----a-w C:\WINDOWS\system32\drivers\8.txt
2008-01-28 19:50 3 ----a-w C:\WINDOWS\system32\drivers\4.txt
2008-01-28 19:49 3 ----a-w C:\WINDOWS\system32\drivers\
0.txt
2008-01-28 19:48 3 ----a-w C:\WINDOWS\system32\drivers\xx.txt
2008-01-26 06:39 43,520 ----a-w C:\WINDOWS\RunSetup.exe
2008-01-22 15:31 53,248 ------w C:\WINDOWS\a311.exe
2008-01-08 22:44 0 ----a-w C:\WINDOWS\Fonts\cuy.dl
2008-01-08 22:18 --------- d-----w C:\Program Files\lg_fwupdate
2008-01-01 18:04 --------- d-----w C:\Program Files\Common Files\Real
2008-01-01 18:03 --------- d-----w C:\Program Files\MSN Messenger
2008-01-01 17:55 --------- d-----w C:\Program Files\StormII
2008-01-01 10:58 --------- d-----w C:\Program Files\tublog
2008-01-01 08:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Storm
2007-12-31 22:57 --------- d-----w C:\Documents and Settings\Owner\Application Data\Application Data
2007-12-31 22:46 21,900 ----a-w C:\WINDOWS\system32\drivers\KDZWISUUSMOFXR.DAT
2007-12-31 22:43 21,900 ----a-w C:\WINDOWS\system32\drivers\YSZHFK.DAT
2007-12-31 22:41 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Yahoo!
2007-12-31 22:30 --------- d-----w C:\Program Files\Windows Live
2004-10-01 21:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2004-07-08 16:48 38,447 ----a-w C:\Program Files\ladiesispimpstoo.htm
2003-11-08 22:57 203,061 ----a-w C:\Program Files\AIM+Setup.exe
2003-09-26 21:08 490,608 ----a-w C:\Program Files\ie6setup.exe
2003-09-17 18:27 267,472 ----a-w C:\Program Files\NSSetup.exe
2003-09-14 18:11 488,032 ----a-w C:\Program Files\PopUpStopperFree.exe
2004-06-06 20:13 140,800 --sh--r C:\WINDOWS\system32\msfxdf.exe
2004-06-06 20:13 221,184 --sh--r C:\WINDOWS\system32\msyetr.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-03-11 18:11 114688]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-09 17:26 579072]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [1987-01-08 17:25 2834432]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-09 16:41 219136]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"zfyvoacsv"= zfyvoacsv.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"mscheck"= rundll32.exe C:\WINDOWS\System32\wincheck080121.dll mymain
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 15:51 192512]
"{98907901-1416-3389-9981-372178569989}"= C:\WINDOWS\System32\kawdizy.dll [ ]
"{1D908534-AD45-920F-AC89-4024FA9D26D1}"= C:\WINDOWS\System32\gjfhayc.dll [ ]
"{3FA10261-B890-F432-A453-69F1023513F3}"= C:\WINDOWS\System32\gjcscyc.dll [ ]
"{778A7521-FA87-34AB-34C2-4893F3AD34C7}"= C:\WINDOWS\System32\swrcfzc.dll [ ]
"{1AD50A6B-2E1B-417F-A1EB-BB539E9EA06E}"= C:\WINDOWS\TEMP\tmp1Bhr.dll [ ]
"{4FA10261-B890-F432-A453-69F1023513F4}"= C:\WINDOWS\Fonts\gjcsdyc.dll [ ]
"{00E8090E-E519-4187-ADF4-B4E313A99947}"= [ ]
"{00B486C4-9758-4887-9755-C8761F5FDE61}"= [ ]
"{a572576d-320f-46a8-9d3c-98d96b319d64}"= C:\WINDOWS\System32\IGB_CQSJ_1024.dll [ ]
"{e000c9e2-1517-4970-be28-e103bda7d3dd}"= C:\WINDOWS\System32\DAA_DAA_1030.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=utgnehz.dll,nauhgnem.dll,auhad.dll,nuygnef.dll,uohsom.dll,uyom.dll,gnolnait.dll,ijiq.dll,ijougiemnaw.dll,iemnaw.dll,niluw.dll,naixuhz.dll,xhtd.dll,oadgnohiac.dll,iqnauhc.dll,nahzij.dll,gnefnaib.dll,gsqq.dll,3auhad.dll,naijoad.dll,aixauh.dll,xhqq.dll,QQ.dll,hjxr.dll,zqhs.dll,oadnew.dll,dgzg.dll,hz.dll,2ty.dll,jsfg.dll,rj.dll,fmxh.dll,jmx.dll,wtwx.dll,ddtj.dll,fz.dll,gnaixnauhuoyizqq.dll,gnaixnauhqq.dll,2nauygniqaixnaij.dll,naijihzeuyouhz.dll,uyomielnux.dll,vlihzouhgnfe.dll,sfhx.dll,eve.dll,jsqc.dll,wtiemnaw.dll,dqncj.dll
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator.YOUR-B79WZ4ROSE.000^Start Menu^Programs^Startup^mod_sm.lnk]
path=C:\Documents and Settings\Administrator.YOUR-B79WZ4ROSE.000\Start Menu\Programs\Startup\mod_sm.lnk
backup=C:\WINDOWS\pss\mod_sm.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk
backup=C:\WINDOWS\pss\Compaq Connections.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-10-10 19:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
--a------ 2004-04-27 16:18 61440 C:\Program Files\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
--a------ 2003-04-03 21:35 50176 C:\WINDOWS\ALCXMNTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DbgHlp32]
C:\WINDOWS\DbgHlp32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
--a------ 2003-04-08 12:45 212992 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
-ra------ 2002-12-17 11:40 49152 C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a------ 2003-05-06 23:56 188416 C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
-ra------ 2003-05-22 06:55 483328 C:\WINDOWS\System32\hphmon05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
-ra------ 2003-05-22 07:03 49152 C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
--a------ 1998-05-07 17:04 52736 c:\windows\system\hpsysdrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--------- 2005-07-08 08:25 1397760 C:\Program Files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2006-10-30 09:36 256576 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
--a------ 2005-04-12 10:11 229376 C:\Program Files\lg_fwupdate\fwupdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2002-08-20 23:08 1511453 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsPrint32D]
C:\WINDOWS\bzceje.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVDispDrv]
C:\WINDOWS\NVDispDRV.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-10-25 18:58 282624 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
--a------ 2002-09-13 22:42 212992 C:\WINDOWS\SMINST\RECGUARD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
--a------ 2007-09-20 08:23 132624 C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSLDyn]
C:\WINDOWS\SSLDyn.exE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2005-04-13 03:48 36975 C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TUTU]
--a------ 2007-10-22 22:29 503880 C:\Program Files\tublog\tublog.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMedia32]
--a------ 2007-01-08 17:19 29180 C:\WINDOWS\system32\wmedia32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe
R0 i7lj79;i7lj7;C:\WINDOWS\System32\DRIVERS\i7lj79.sys [2002-08-29 06:00]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-01-25 15:57]
R2 bdod4zr;bdod4zr;C:\WINDOWS\System32\drivers\bdod4zr.sys [2002-08-29 06:00]
R2 msfdef;IE Security Service;C:\WINDOWS\System32\msfxdf.exe [2004-06-06 14:13]
R2 msskye;msskye;C:\WINDOWS\System32\DRIVERS\msaclue.sys [2008-02-01 13:11]
R2 VLRGLUFCWO;WLZZZEKZGQJ;C:\WINDOWS\system32\svchost.exe [2002-08-29 06:00]
S2 B3A08860;B3A08860;C:\WINDOWS\System32\EDE3F2F0.EXE []
S2 LFXLBLWSSLZSJRD;LESCZFLVZZDT;C:\WINDOWS\system32\svchost.exe [2002-08-29 06:00]
S2 mseqsy;mseqsy;C:\WINDOWS\System32\DRIVERS\msacpe.sys []
S2 Serviceserverhelp;Serviceserverhelp;C:\WINDOWS\System32\serverplay.exe []
S3 DJ;DJ;C:\DOCUME~1\Owner\LOCALS~1\Temp\tmp263A.tmp []
S3 HnXa;HnXa;C:\WINDOWS\TEMP\tmp2F.tmp []
S3 WL;WL;C:\WINDOWS\TEMP\tmp20.tmp []
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
SBYZZTEHNDHFBIL REG_MULTI_SZ LFXLBLWSSLZSJRD
FCLLTHECHMRUHKE REG_MULTI_SZ VLRGLUFCWO
.
Contents of the 'Scheduled Tasks' folder
"2007-12-25 23:31:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2006-08-21 02:52:57 C:\WINDOWS\Tasks\easy Internet sign-up.job"
- C:\Program Files\Easy Internet signup\HPSdpApp.exe
"2007-12-20 23:36:00 C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#7600#MY355122XD7I.job"
- C:\Program Files\HP\hpcoretech\comp\hpdarc.exe$/#Hewlett-Packard#7600#MY355122XD7I
"2008-02-01 19:14:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-02-01 13:12:10
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\vviepsjc.dll 6269 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\System32\uohsom.dll
-> C:\WINDOWS\System32\ijougiemnaw.dll
-> C:\WINDOWS\System32\niluw.dll
-> C:\WINDOWS\System32\naixuhz.dll
-> C:\WINDOWS\System32\iqnauhc.dll
-> C:\WINDOWS\System32\xhqq.dll
-> C:\WINDOWS\System32\hjxr.dll
-> C:\WINDOWS\System32\gnaixnauhqq.dll
-> C:\WINDOWS\System32\naijihzeuyouhz.dll
PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.1106]
-> C:\WINDOWS\system32\uohsom.dll
-> C:\WINDOWS\system32\ijougiemnaw.dll
-> C:\WINDOWS\system32\niluw.dll
-> C:\WINDOWS\system32\naixuhz.dll
-> C:\WINDOWS\system32\iqnauhc.dll
-> C:\WINDOWS\system32\xhqq.dll
-> C:\WINDOWS\system32\hjxr.dll
-> C:\WINDOWS\system32\gnaixnauhqq.dll
-> C:\WINDOWS\system32\naijihzeuyouhz.dll
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2800.1106]
-> C:\WINDOWS\System32\uohsom.dll
-> C:\WINDOWS\System32\ijougiemnaw.dll
-> C:\WINDOWS\System32\niluw.dll
-> C:\WINDOWS\System32\naixuhz.dll
-> C:\WINDOWS\System32\iqnauhc.dll
-> C:\WINDOWS\System32\xhqq.dll
-> C:\WINDOWS\System32\hjxr.dll
-> C:\WINDOWS\System32\gnaixnauhqq.dll
-> C:\WINDOWS\System32\naijihzeuyouhz.dll
-> C:\WINDOWS\system32\53age0l.dll
-> C:\WINDOWS\vviepsjc.dll
-> C:\WINDOWS\banbwvok.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\msfxdf.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\wdfmgr.exe
.
**************************************************************************
.
Completion time: 2008-02-01 13:17:00 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-01 19:16:50
----------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:22:28 PM, on 2/1/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\msfxdf.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus8.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus8.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus8.hpwis.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Policies\Explorer\Run: [zfyvoacsv] zfyvoacsv.exe
O4 - HKCU\..\Policies\Explorer\Run: [mscheck] rundll32.exe C:\WINDOWS\System32\wincheck080121.dll mymain
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - S-1-5-18 Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp...ads/sysinfo.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp...oads/msxml4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{45F790B3-2226-440E-9ED9-B6DCB6888BDF}: NameServer = 68.94.156.1 68.94.157.1
O20 - AppInit_DLLs: utgnehz.dll,nauhgnem.dll,auhad.dll,nuygnef.dll,uohsom.dll,uyom.dll,gnolnait.dll,ijiq.dll,ijougiemnaw.dll,iemnaw.dll,niluw.dll,naixuhz.dll,xhtd.dll,oadgnohiac.dll,iqnauhc.dll,nahzij.dll,gnefnaib.dll,gsqq.dll,3auhad.dll,naijoad.dll,aixauh.dll,xhqq.dll,QQ.dll,hjxr.dll,zqhs.dll,oadnew.dll,dgzg.dll,hz.dll,2ty.dll,jsfg.dll,rj.dll,fmxh.dll,jmx.dll,wtwx.dll,ddtj.dll,fz.dll,gnaixnauhuoyizqq.dll,gnaixnauhqq.dll,2nauygniqaixnaij.dll,naijihzeuyouhz.dll,uyomielnux.dll,vlihzouhgnfe.dll,sfhx.dll,eve.dll,jsqc.dll,wtiemnaw.dll,dqncj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: B3A08860 - Unknown owner - C:\WINDOWS\System32\EDE3F2F0.EXE (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: IE Security Service (msfdef) - Unknown owner - C:\WINDOWS\System32\msfxdf.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Serviceserverhelp - Unknown owner - C:\WINDOWS\System32\serverplay.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 6727 bytes