Virus Geede.dll ---- Combofix & HJT logs inside

Thank you for your help in advance for your time and help.

ComboFix 08-03-05.1 - ToRcH 2008-03-05 15:22:21.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.565 [GMT -8:00]
Running from: C:\Documents and Settings\ToRcH\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon
C:\Documents and Settings\NetworkService\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon\log.txt
C:\Documents and Settings\ToRcH\Start Menu\Programs\Outerinfo
C:\Documents and Settings\ToRcH\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\ToRcH\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Program Files\Common Files\crosof~1.net
C:\Program Files\Common Files\smante~1
C:\Program Files\Common Files\smante~1\S?mantec\
C:\Program Files\Common Files\Yazzle1560OinUninstaller.exe
C:\Program Files\Common Files\ystem~1
C:\Program Files\inetget2
C:\Program Files\kernel
C:\Program Files\kernel\kernel .exe
C:\Program Files\network monitor
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\outerinfo\FF\install.rdf
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\Router
C:\Program Files\Temporary
C:\Program Files\Temporary\InsiDERInst.exe
C:\Program Files\Temporary\kernInstall.exe
C:\Program Files\Windows Media Player\rtepre.html
C:\Program Files\winupdates
C:\Program Files\ystem3~1
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\sanR24
C:\Temp\sanR24\lDii.log
C:\WINDOWS\b153.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\dobe~1
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\andt.sys
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\cexxagvj.dll
C:\WINDOWS\system32\dobe~1
C:\WINDOWS\system32\drmgs.sys
C:\WINDOWS\system32\edeeg.ini
C:\WINDOWS\system32\edeeg.ini2
C:\WINDOWS\system32\geede.dll
C:\WINDOWS\system32\geede.exe
C:\WINDOWS\system32\iDlo01
C:\WINDOWS\system32\iexplorer.dll .dbt
C:\WINDOWS\system32\Indt2.sys
C:\WINDOWS\system32\lmhvfnsy.ini
C:\WINDOWS\system32\mduwyigr.dllbox
C:\WINDOWS\system32\mgwrugyi.ini
C:\WINDOWS\system32\nrfkkmyg.ini
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\routing.exe
C:\WINDOWS\system32\tikjvvmp.ini
C:\WINDOWS\system32\tmp0_252439889380.bk
C:\WINDOWS\system32\wsnpoem
C:\WINDOWS\system32\wsnpoem\audio.dll
C:\WINDOWS\system32\wsnpoem\video.dll
C:\WINDOWS\VG9SY0hY\

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CMDSERVICE
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_PERFMONS
-------\LEGACY_ROUTING
-------\cmdService
-------\DomainService
-------\perfmons
-------\Routing

((((((((((((((((((((((((( Files Created from 2008-02-05 to 2008-03-05 )))))))))))))))))))))))))))))))
.

2008-03-05 06:31 . 2008-03-05 06:48 91,700 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-03-05 06:31 . 2008-03-05 06:31 85,860 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-03-05 06:30 . 2008-03-05 15:32 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2008-03-05 06:30 . 2008-03-05 15:31 1,754,400 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-05 06:30 . 2008-03-05 15:30 24,548 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-03-05 06:30 . 2008-03-05 15:31 9,504 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-03-05 06:30 . 2008-03-05 15:30 1,916 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-03-05 05:53 . 2008-03-05 05:53 265 --a------ C:\WINDOWS\system32\adcklog.dat
2008-03-05 04:51 . 2008-03-05 04:51 68 --a------ C:\WINDOWS\system32\tmp4_561018733958.bk
2008-03-05 04:51 . 2008-03-05 04:51 68 --a------ C:\WINDOWS\system32\tmp3_415692298922.bk
2008-03-05 04:51 . 2008-03-05 04:51 68 --a------ C:\WINDOWS\system32\tmp2_12815178422.bk
2008-03-05 04:51 . 2008-03-05 04:51 68 --a------ C:\WINDOWS\system32\tmp1_275595611595.bk
2008-03-05 04:50 . 2008-03-05 04:50 59,392 --a------ C:\WINDOWS\MicroSoft.pif
2008-03-05 04:50 . 2008-03-05 04:50 210 --a------ C:\WINDOWS\MicroSoft.vbs
2008-03-05 04:45 . 2008-03-05 06:31 1,302,964 --ahs---- C:\WINDOWS\system32\eqnngenj.ini
2008-03-04 09:15 . 2008-03-04 09:14 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-03-04 09:14 . 2008-03-04 09:16 <DIR> d-------- C:\Documents and Settings\ToRcH\.housecall6.6
2008-03-04 00:27 . 2008-03-04 20:49 1,302,470 --ahs---- C:\WINDOWS\system32\elgqtiuh.ini
2008-03-04 00:13 . 2008-03-04 00:26 1,302,143 --ahs---- C:\WINDOWS\system32\wrgpbhia.ini
2008-03-04 00:07 . 2008-03-04 00:07 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-03-03 23:59 . 2008-03-03 23:59 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-03-03 15:28 . 2008-03-03 15:28 20,480 --a------ C:\WINDOWS\quit.exe
2008-03-01 21:40 . 2008-03-04 00:04 <DIR> d-------- C:\Program Files\Google
2008-03-01 21:39 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-25 22:51 . 2008-02-25 22:51 <DIR> d-------- C:\Program Files\DivX
2008-02-25 22:51 . 2008-02-25 22:51 <DIR> d-------- C:\Documents and Settings\ToRcH\Application Data\DivX
2008-02-25 19:24 . 2008-03-05 06:52 <DIR> d-------- C:\Program Files\Winamp
2008-02-25 19:24 . 2008-02-25 20:05 <DIR> d-------- C:\Documents and Settings\ToRcH\Application Data\Winamp
2008-02-25 19:14 . 2002-08-29 01:32 159,360 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2008-02-25 19:13 . 2001-07-21 18:49 2,104,298 --a------ C:\WINDOWS\system32\drivers\2gmgsmt.sf2
2008-02-23 20:16 . 2008-02-23 20:16 <DIR> d-------- C:\Program Files\Creative
2008-02-23 20:16 . 2003-06-12 23:25 7,062 --a------ C:\WINDOWS\system32\audiopid.vxd
2008-02-20 18:05 . 2008-02-20 18:05 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-02-20 18:05 . 2008-02-20 18:05 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-02-20 18:05 . 2008-02-20 18:05 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-02-20 18:05 . 2008-02-20 18:05 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-02-20 18:05 . 2008-02-20 18:05 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-02-20 18:03 . 2008-02-20 18:03 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
2008-02-20 18:03 . 2008-02-20 18:03 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
2008-02-20 18:03 . 2008-02-20 18:03 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-02-20 18:03 . 2008-02-20 18:03 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-02-18 21:57 . 2003-06-18 17:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-02-18 21:57 . 2008-02-18 21:57 376 --a------ C:\WINDOWS\ODBC.INI
2008-02-18 21:56 . 2008-02-18 21:56 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-02-18 21:55 . 2008-02-18 21:56 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-02-18 21:53 . 2008-02-18 21:53 <DIR> dr-h----- C:\MSOCache
2008-02-09 14:43 . 2008-02-09 14:45 <DIR> d-------- C:\Program Files\Allok AVI to DVD SVCD VCD Converter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-05 14:52 --------- d-----w C:\Program Files\DAEMON Tools Pro
2008-03-05 14:26 --------- d-----w C:\Documents and Settings\ToRcH\Application Data\mIRC
2008-03-05 12:49 --------- d-----w C:\Program Files\mIRC
2008-03-02 19:37 --------- d-----w C:\Documents and Settings\ToRcH\Application Data\LimeWire
2008-03-02 05:39 --------- d-----w C:\Program Files\Java
2008-02-24 04:21 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-24 04:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-21 02:05 9,464 ----a-w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-02-21 02:05 9,336 ----a-w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-02-21 02:05 43,528 ----a-w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-02-21 02:05 129,784 ----a-w C:\WINDOWS\system32\pxafs.dll
2008-02-21 02:05 120,056 ----a-w C:\WINDOWS\system32\pxcpyi64.exe
2008-02-21 02:05 118,520 ----a-w C:\WINDOWS\system32\pxinsi64.exe
2008-02-21 02:04 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-02-21 02:04 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-02-21 02:04 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-02-21 02:04 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-02-21 02:04 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-02-21 02:04 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-02-21 02:04 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-02-21 02:04 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-02-21 02:04 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-02-21 02:04 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-02-21 02:04 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-02-21 02:04 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-02-07 02:41 --------- d-----w C:\Documents and Settings\ToRcH\Application Data\AVG7
2008-02-04 23:35 --------- d-----w C:\Program Files\PhoTags Express
2008-01-16 19:25 --------- d-----w C:\Program Files\Yahoo!
2008-01-15 05:05 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-09 20:51 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-01-09 20:51 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-01-09 20:51 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-09 20:50 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-01-09 19:26 --------- d-----w C:\Program Files\Quicken
2008-01-05 20:24 --------- d-----w C:\Program Files\LimeWire
2007-12-18 08:44 219,664 ----a-w C:\WINDOWS\system32\klogon.dll
2005-08-29 15:55 588 ----a-w C:\Program Files\INSTALL.LOG
2003-11-05 00:04 271 --sh--w C:\Program Files\desktop.ini
2003-11-05 00:04 21,952 ---ha-w C:\Program Files\folder.htt
.

<pre>
----a-w			39,792 2008-03-05 14:37:00  C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
----a-w		   153,136 2008-03-05 14:36:53  C:\Program Files\Common Files\Nero\Lib\NeroCheck .exe
----a-w		   202,024 2008-01-09 19:35:03  C:\Program Files\Common Files\Nero\Lib\NMBgMonitor .exe
----a-w		   136,136 2008-03-05 14:37:09  C:\Program Files\DAEMON Tools Pro\DTProAgent .exe
----a-w		   132,496 2008-03-05 14:37:03  C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
----a-w		 1,511,453 2008-03-05 14:37:15  C:\Program Files\Messenger\msmsgs .exe
----a-w		 1,836,328 2008-03-05 14:37:00  C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan .exe
----a-w			37,376 2008-03-05 14:37:00  C:\Program Files\Winamp\winampa .exe
----a-w		 5,036,032 2008-01-09 06:38:14  C:\Program Files\Yahoo!\Messenger\YahooMessenger	 .exe
----a-w		 5,036,032 2008-01-09 01:14:52  C:\Program Files\Yahoo!\Messenger\YahooMessenger	.exe
----a-w		 5,036,032 2008-03-05 14:36:42  C:\Program Files\Yahoo!\Messenger\YahooMessenger  .exe
----a-w		 4,670,704 2008-03-05 17:48:51  C:\Program Files\Yahoo!\Messenger\YahooMessenger .exe
</pre>

------- Sigcheck -------

01ce27a41ca8c619228743937ca17a16 C:\WINDOWS\system32\winlogon.exe
----a-w 516,608 2007-11-11 22:35:11 C:\WINDOWS\system32\winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98EBD74A-DF60-4DAE-B4E7-48A24FC7397A}]
C:\Program Files\Internet Explorer\metoboji24418.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A42408BE-7E8C-4989-A546-2A0B132D2226}]
C:\Program Files\Internet Explorer\metoboji83122.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BEB2C1C5-165D-494B-A2C9-F2CD6910E69B}]
C:\Program Files\Internet Explorer\metoboji4444.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ECFFDB62-16A8-1B2B-D228-3FE677F20BEC}]
C:\WINDOWS\System32\yeh.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F913984E-5F49-4918-CEBB-2F957B0A5F99}]
C:\Program Files\Windows Media Player\quga625.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [ ]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"Router"="C:\Program Files\Router\Router.exe" [ ]
"Ooda"="C:\PROGRA~1\COMMON~1\SMANTE~1\wuauboot.exe" [ ]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger .exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [ ]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [ ]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [ ]
"5c194b74"="C:\WINDOWS\System32\jnegnnqe.dll" [ ]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-12-18 00:43 227856]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Photags AutoDetect.lnk - C:\Program Files\PhoTags Express\Photags AutoDetect.exe [2008-02-04 15:32:57 364544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccaxv]
efccaxv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgfcd]
iifgfcd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mduwyigr]
mduwyigr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\System32\DRIVERS\klim5.sys [2007-12-13 13:28]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-05 15:31:52
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\devldr32.exe
.
**************************************************************************
.
Completion time: 2008-03-05 15:35:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-05 23:35:03

HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:09:45 PM, on 3/5/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\PhoTags Express\Photags AutoDetect.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\ToRcH\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {98EBD74A-DF60-4DAE-B4E7-48A24FC7397A} - C:\Program Files\Internet Explorer\metoboji24418.dll (file missing)
O2 - BHO: (no name) - {A42408BE-7E8C-4989-A546-2A0B132D2226} - C:\Program Files\Internet Explorer\metoboji83122.dll (file missing)
O2 - BHO: (no name) - {BEB2C1C5-165D-494B-A2C9-F2CD6910E69B} - C:\Program Files\Internet Explorer\metoboji4444.dll (file missing)
O2 - BHO: (no name) - {ECFFDB62-16A8-1B2B-D228-3FE677F20BEC} - C:\WINDOWS\System32\yeh.dll (file missing)
O2 - BHO: 0 - {F913984E-5F49-4918-CEBB-2F957B0A5F99} - C:\Program Files\Windows Media Player\quga625.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [5c194b74] rundll32.exe "C:\WINDOWS\System32\jnegnnqe.dll",b
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [Ooda] "C:\PROGRA~1\COMMON~1\SMANTE~1\wuauboot.exe" -vt yazb
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger .exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files\PhoTags Express\Photags AutoDetect.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....031/CTSUEng.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15034/CTPID.cab
O20 - Winlogon Notify: efccaxv - efccaxv.dll (file missing)
O20 - Winlogon Notify: iifgfcd - iifgfcd.dll (file missing)
O20 - Winlogon Notify: mduwyigr - mduwyigr.dll (file missing)
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

--
End of file - 5654 bytes

#1
imdamatrix

Posted 05 March 2008 - 09:12 PM

Advertisements

#2
imdamatrix

Posted 05 March 2008 - 09:13 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us