Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.75 [GMT -5:00]
Running from: C:\Documents and Settings\Mom\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mom\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2008-04-05 to 2008-05-05 )))))))))))))))))))))))))))))))
.
2008-05-05 00:54 . 2008-05-05 00:54 <DIR> d-------- C:\Program Files\DNA
2008-05-05 00:54 . 2008-05-05 00:54 <DIR> d-------- C:\Program Files\BitTorrent
2008-05-05 00:54 . 2008-05-05 00:54 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\DNA
2008-05-05 00:54 . 2008-05-05 00:54 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\BitTorrent
2008-04-27 19:05 . 2008-04-27 19:05 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\Yahoo!
2008-04-24 22:49 . 2008-04-24 22:49 302 --a------ C:\Shortcut to MGtools.exe.lnk
2008-04-23 06:58 . 2005-06-30 16:58 7,296 --a------ C:\WINDOWS\system32\drivers\osaio.sys
2008-04-22 23:47 . 2008-04-22 23:47 <DIR> d-------- C:\Documents and Settings\Mom\WINDOWS
2008-04-22 22:46 . 2008-04-22 22:46 <DIR> d-------- C:\Program Files\Avira
2008-04-22 22:46 . 2008-04-22 22:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-04-22 19:11 . 2005-01-13 22:41 11,254 --a------ C:\WINDOWS\system32\locate.com
2008-04-22 19:09 . 2008-05-05 08:34 34,987 --a------ C:\MGlogs.zip
2008-04-22 19:08 . 2008-04-22 19:08 <DIR> d-------- C:\MGtools
2008-04-22 16:39 . 2008-04-22 16:39 <DIR> d-------- C:\Program Files\IObit
2008-04-18 22:33 . 2008-04-18 22:33 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\VSRevoGroup
2008-04-17 16:54 . 2008-04-17 16:54 <DIR> d-------- C:\Program Files\VS Revo Group
2008-04-16 17:24 . 2008-04-16 17:40 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-04-16 13:24 . 2008-04-16 13:24 <DIR> d-------- C:\Documents and Settings\Administrator.ACER-684C9A655D
2008-04-16 13:24 . 2008-05-05 16:18 1,024 --ah----- C:\Documents and Settings\Administrator.ACER-684C9A655D\ntuser.dat.LOG
2008-04-16 11:09 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-16 11:07 . 2008-04-16 11:08 <DIR> d-------- C:\Program Files\Java
2008-04-16 11:05 . 2008-04-16 11:05 <DIR> d-------- C:\Program Files\Common Files\Java
2008-04-16 09:15 . 2008-04-16 09:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-04-16 00:38 . 2008-04-16 00:38 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-16 00:38 . 2008-04-16 00:39 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\Malwarebytes
2008-04-16 00:38 . 2008-04-16 00:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-16 00:37 . 2008-04-16 00:37 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-04-15 19:56 . 2008-04-15 19:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-15 19:53 . 2008-04-15 19:53 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-04-15 19:53 . 2008-04-15 19:53 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-15 19:53 . 2008-04-15 19:53 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\SUPERAntiSpyware.com
2008-04-15 19:51 . 2008-04-15 19:51 1,239,357 --a------ C:\MGtools.exe
2008-04-15 10:03 . 2008-04-15 10:03 10 --a------ C:\WINDOWS\bdinit.ini
2008-04-15 08:12 . 2008-04-15 08:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-14 23:10 . 2008-04-14 23:10 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-04-10 08:39 . 2008-04-10 08:39 <DIR> d-------- C:\Documents and Settings\Administrator
2008-04-10 08:39 . 2008-05-05 16:18 1,024 --ah----- C:\Documents and Settings\Administrator\ntuser.dat.LOG
2008-04-09 16:13 . 2008-04-09 16:13 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\Motive
2008-04-09 14:32 . 2008-04-09 14:32 <DIR> d-------- C:\Program Files\att-nap
2008-04-09 14:27 . 2008-04-09 14:27 <DIR> d-------- C:\Program Files\Common Files\Motive
2008-04-09 14:15 . 2008-04-09 14:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Motive
2008-04-09 06:18 . 2008-03-01 08:06 826,368 --a------ C:\WINDOWS\system32\wininet.dll
2008-04-07 13:23 . 2008-04-07 13:23 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-07 02:29 . 2008-04-07 02:29 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-04-05 22:47 . 2008-04-05 22:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-04-05 22:32 . 2004-08-04 05:00 562,176 --a------ C:\WINDOWS\system32\fxsst.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-05 04:49 --------- d-----w C:\Program Files\CCleaner
2008-04-05 03:33 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Talkback
2008-04-05 02:14 --------- d-----w C:\Documents and Settings\Mom\Application Data\Talkback
2008-04-05 02:07 --------- d-----w C:\Documents and Settings\Mom\Application Data\MySpace
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-17 00:13 13,146 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-03-01 23:36 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:55 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-29 08:55 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:32 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-15 05:44 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-02-03 15:51 14 ----a-w C:\Documents and Settings\Mom\getfile.dat
2007-02-02 23:51 14 ----a-w C:\Documents and Settings\Caitlan\getfile.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2008-01-10 11:41 223984]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 17:43 4670704]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-05 00:54 289088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"epm-dm"="c:\acer\Empowering Technology\ePower\epm-dm.exe" [2005-11-10 19:09 212992]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [2008-04-17 14:51 1870592]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2008-01-10 11:41 223984]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khffdeb]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe"
"ViewMgr"=C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
"SoundMan"=SOUNDMAN.EXE
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"preload"=C:\Windows\RUNXMLPL.exe
"PowerKey"="C:\Program Files\Launch Manager\PowerKey.exe"
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
"New.net Startup"=rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
"My Web Search Bar"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
"LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe"
"LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe"
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe"
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe
"HostManager"=C:\Program Files\Common Files\AOL\1153274848\ee\AOLHostManager.exe
"CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R1 OsaFsLoc;OsaFsLoc;C:\WINDOWS\system32\drivers\OsaFsLoc.sys [2005-10-15 18:20]
R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]
R2 McciCMService;McciCMService;"C:\Program Files\Common Files\Motive\McciCMService.exe" [2008-01-28 15:56]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
S3 MREMP50;MREMP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-01-28 15:56]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-01-28 15:56]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys [2005-09-13 15:34]
S3 POWERKEY;POWERKEY;C:\Program Files\Launch Manager\POWERKEY.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\AT&T_High_Speed_Internet_Service.exe
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-05-05 21:14:32 C:\WINDOWS\Tasks\User_Feed_Synchronization-{A2A3890F-8EC6-4F47-BB24-AF97C7DB308A}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-05 16:25:35
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-05-05 16:26:12
ComboFix-quarantined-files.txt 2008-05-05 21:26:06
ComboFix3.txt 2008-04-16 09:42:46
ComboFix2.txt 2008-05-05 21:20:46
Pre-Run: 5,498,978,304 bytes free
Post-Run: 5,461,606,400 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
177 --- E O F --- 2008-04-17 00:47:48
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:04:06 PM, on 5/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\acer\Empowering Technology\ePower\epm-dm.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [epm-dm] c:\acer\Empowering Technology\ePower\epm-dm.exe
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun....ows-i586-jc.cab
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} (Java Plug-in 1.5.0_04) -
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: khffdeb - C:\WINDOWS\
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 6893 bytes