Combofix.txtComboFix 08-08-03.02 - Jake 2008-08-03 20:08:27.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2081 [GMT -4:00]
Running from: I:\Documents and Settings\Jake\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((( Files Created from 2008-07-04 to 2008-08-04 )))))))))))))))))))))))))))))))
.
2008-08-03 13:23 . 2008-08-03 13:39 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\Outspark
2008-08-02 21:55 . 2008-08-02 21:55 490 --a------ I:\WINDOWS\my.ini
2008-08-02 09:03 . 2008-08-02 21:34 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\Free Download Manager
2008-08-02 09:03 . 2008-08-02 09:03 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-08-01 21:21 . 2007-11-30 17:28 15,104 --a------ I:\WINDOWS\system32\drivers\usbscan.sys
2008-08-01 21:21 . 2007-11-30 17:28 15,104 --a--c--- I:\WINDOWS\system32\dllcache\usbscan.sys
2008-08-01 21:10 . 2008-08-01 21:10 <DIR> d-------- I:\Program Files\COMODO
2008-08-01 21:10 . 2008-08-01 21:10 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\Comodo
2008-08-01 21:10 . 2008-08-01 21:21 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\comodo
2008-08-01 21:10 . 2008-08-01 21:10 143,104 --a------ I:\WINDOWS\system32\guard32.dll
2008-08-01 21:10 . 2008-08-01 21:10 87,056 --a------ I:\WINDOWS\system32\drivers\cmdguard.sys
2008-08-01 21:10 . 2008-08-01 21:10 24,208 --a------ I:\WINDOWS\system32\drivers\cmdhlp.sys
2008-08-01 13:46 . 2008-08-01 13:46 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\InstallShield
2008-08-01 13:46 . 2007-04-27 11:12 78,784 --a------ I:\WINDOWS\system32\ISUSPM.cpl
2008-08-01 13:04 . 2008-08-01 13:04 <DIR> d-------- I:\NetGame
2008-07-31 20:57 . 2008-07-31 20:57 <DIR> d-------- I:\Program Files\Microsoft Silverlight
2008-07-31 20:51 . 2008-07-31 20:51 <DIR> d-------- I:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-07-31 20:27 . 2008-07-31 20:27 <DIR> d-------- I:\Program Files\Canon
2008-07-31 20:26 . 2008-07-31 20:26 <DIR> d-------- I:\Program Files\ScanSoft
2008-07-31 20:26 . 2008-07-31 20:26 <DIR> d-------- I:\Program Files\Common Files\ScanSoft Shared
2008-07-31 20:26 . 2008-07-31 20:26 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\ScanSoft
2008-07-31 20:26 . 2008-07-31 20:26 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\ScanSoft
2008-07-31 20:26 . 2008-07-31 20:26 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\InstallShield
2008-07-31 20:26 . 2008-07-31 20:26 416 --a------ I:\WINDOWS\MAXLINK.INI
2008-07-31 20:25 . 2008-07-31 20:25 <DIR> d--h----- I:\CanoScan
2008-07-31 20:25 . 2005-06-23 22:17 352,256 --a------ I:\WINDOWS\system32\CNQL1213.DLL
2008-07-31 20:25 . 2005-02-28 13:20 57,344 --a------ I:\WINDOWS\system32\CNQU110.DLL
2008-07-26 22:38 . 2008-07-26 22:38 <DIR> d-------- I:\Program Files\Common Files\Download Manager
2008-07-26 22:38 . 2008-07-26 22:38 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\Malwarebytes
2008-07-26 22:38 . 2008-07-26 22:38 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-26 22:38 . 2008-07-30 20:07 38,472 --a------ I:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-26 22:38 . 2008-07-30 20:07 17,144 --a------ I:\WINDOWS\system32\drivers\mbam.sys
2008-07-26 21:54 . 2008-07-26 21:54 <DIR> d-------- I:\Deckard
2008-07-26 02:16 . 2008-07-26 02:17 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-26 02:15 . 2008-07-31 20:34 <DIR> d-a------ I:\Documents and Settings\All Users\Application Data\TEMP
2008-07-26 00:48 . 2008-07-26 00:48 <DIR> d-------- I:\Program Files\Common Files\DirectX
2008-07-25 05:23 . 2008-07-31 18:14 <DIR> d-------- I:\Program Files\Neffy
2008-07-21 12:34 . 2008-05-30 14:11 3,850,760 --a------ I:\WINDOWS\system32\D3DX9_38.dll
2008-07-21 12:34 . 2008-05-30 14:11 1,491,992 --a------ I:\WINDOWS\system32\D3DCompiler_38.dll
2008-07-21 12:34 . 2008-05-30 14:19 507,400 --a------ I:\WINDOWS\system32\XAudio2_1.dll
2008-07-21 12:34 . 2008-05-30 14:11 467,984 --a------ I:\WINDOWS\system32\d3dx10_38.dll
2008-07-21 12:34 . 2008-05-30 14:18 238,088 --a------ I:\WINDOWS\system32\xactengine3_1.dll
2008-07-21 12:34 . 2008-05-30 14:17 65,032 --a------ I:\WINDOWS\system32\XAPOFX1_0.dll
2008-07-21 12:34 . 2008-05-30 14:17 25,608 --a------ I:\WINDOWS\system32\X3DAudio1_4.dll
2008-07-21 12:33 . 2008-07-21 12:33 <DIR> d-------- I:\WINDOWS\Logs
2008-07-21 01:15 . 2008-07-21 01:18 96 --ah----- I:\WINDOWS\system32\HsInfo.dat
2008-07-20 20:17 . 2008-07-20 20:18 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\ImgBurn
2008-07-16 06:21 . 2008-07-16 06:21 <DIR> d-------- I:\Documents and Settings\Jake\.thumbnails
2008-07-15 21:30 . 2008-07-17 10:05 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\gtk-2.0
2008-07-15 21:24 . 2008-07-20 09:14 <DIR> d-------- I:\Documents and Settings\Jake\.gimp-2.4
2008-07-15 13:53 . 2008-07-15 13:53 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\Diino
2008-07-15 13:49 . 2008-07-31 20:15 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\avg8
2008-07-15 13:08 . 2008-08-02 09:31 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\FileZilla
2008-07-15 12:25 . 2007-11-30 17:31 26,368 --a--c--- I:\WINDOWS\system32\dllcache\usbstor.sys
2008-07-15 00:51 . 2008-07-15 00:51 <DIR> d-------- I:\WINDOWS\system32\LogFiles
2008-07-14 00:29 . 2008-07-14 00:29 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\DivX
2008-07-13 20:54 . 2008-07-13 20:54 <DIR> d-------- I:\WINDOWS\Sun
2008-07-13 20:17 . 2008-07-13 20:22 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\FrostWire
2008-07-13 13:43 . 2008-07-13 13:43 256 --a------ I:\WINDOWS\_delis32.ini
2008-07-13 13:34 . 2007-12-01 00:27 91,136 --a------ I:\WINDOWS\system32\kswdmcap.ax
2008-07-13 13:34 . 2007-12-01 00:27 91,136 --a--c--- I:\WINDOWS\system32\dllcache\kswdmcap.ax
2008-07-13 13:34 . 2007-12-01 00:27 61,952 --a------ I:\WINDOWS\system32\kstvtune.ax
2008-07-13 13:34 . 2007-12-01 00:27 61,952 --a--c--- I:\WINDOWS\system32\dllcache\kstvtune.ax
2008-07-13 13:34 . 2007-12-01 00:26 53,760 --a------ I:\WINDOWS\system32\vfwwdm32.dll
2008-07-13 13:34 . 2007-12-01 00:26 53,760 --a--c--- I:\WINDOWS\system32\dllcache\vfwwdm32.dll
2008-07-13 13:34 . 2007-12-01 00:27 43,008 --a------ I:\WINDOWS\system32\ksxbar.ax
2008-07-13 13:34 . 2007-12-01 00:27 43,008 --a--c--- I:\WINDOWS\system32\dllcache\ksxbar.ax
2008-07-13 13:30 . 2008-07-13 13:43 <DIR> d-------- I:\Program Files\Common Files\Logitech
2008-07-13 13:29 . 2008-08-03 01:33 <DIR> d--h----- I:\Program Files\InstallShield Installation Information
2008-07-13 12:46 . 2008-07-13 12:46 <DIR> d-------- I:\Program Files\Hewlett-Packard
2008-07-13 12:46 . 2008-07-13 12:46 <DIR> d-------- I:\Program Files\Common Files\HP
2008-07-13 12:45 . 2008-07-13 12:45 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\HP
2008-07-13 12:45 . 1998-10-29 16:45 306,688 --a------ I:\WINDOWS\IsUninst.exe
2008-07-13 12:45 . 2004-09-29 12:12 278,584 --a------ I:\WINDOWS\system32\HPZidr12.dll
2008-07-13 12:45 . 2004-09-29 12:15 204,800 --a------ I:\WINDOWS\system32\HPZipr12.dll
2008-07-13 12:45 . 2004-09-29 12:09 94,208 --a------ I:\WINDOWS\system32\HPZipt12.dll
2008-07-13 12:45 . 2004-09-29 12:14 69,632 --a------ I:\WINDOWS\system32\HPZipm12.exe
2008-07-13 12:45 . 2004-09-29 12:08 61,440 --a------ I:\WINDOWS\system32\HPZinw12.exe
2008-07-13 12:45 . 2004-09-29 12:09 57,344 --a------ I:\WINDOWS\system32\HPZisn12.dll
2008-07-13 12:44 . 2008-07-13 12:44 <DIR> d-------- I:\Program Files\HP
2008-07-13 12:38 . 2005-03-08 07:52 51,120 --a------ I:\WINDOWS\system32\drivers\HPZid412.sys
2008-07-13 12:38 . 2005-10-21 19:58 16,496 --a------ I:\WINDOWS\system32\drivers\HPZipr12.sys
2008-07-13 12:37 . 2008-07-13 12:47 79,643 --a------ I:\WINDOWS\hpfins05.dat
2008-07-13 12:37 . 2005-04-27 14:37 77,824 -ra------ I:\WINDOWS\system32\hpzids01.dll
2008-07-13 12:37 . 2005-05-10 20:49 37,376 --a------ I:\WINDOWS\system32\hpz3l3xu.dll
2008-07-13 12:37 . 2005-06-06 08:39 1,350 --------- I:\WINDOWS\hpfmdl05.dat
2008-07-13 12:34 . 2008-07-13 12:34 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\HP
2008-07-13 12:32 . 2007-11-30 17:31 25,856 --a------ I:\WINDOWS\system32\drivers\usbprint.sys
2008-07-13 12:32 . 2007-11-30 17:31 25,856 --a--c--- I:\WINDOWS\system32\dllcache\usbprint.sys
2008-07-13 12:17 . 2008-07-13 12:17 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\Independent
2008-07-13 11:57 . 2008-08-02 22:01 <DIR> d-------- I:\Documents and Settings\Jake\.jedit
2008-07-13 11:54 . 2008-07-13 11:54 <DIR> d-------- I:\Program Files\Sun
2008-07-13 11:54 . 2008-06-10 02:32 73,728 --a------ I:\WINDOWS\system32\javacpl.cpl
2008-07-13 11:53 . 2008-07-13 11:53 <DIR> d-------- I:\Program Files\Common Files\Java
2008-07-13 11:44 . 2008-07-13 11:44 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\GarageGames
2008-07-13 11:44 . 2008-07-13 11:44 4,096 --a------ I:\WINDOWS\d3dx.dat
2008-07-13 00:40 . 2008-07-16 21:16 41,952 --ah----- I:\WINDOWS\system32\mlfcache.dat
2008-07-12 22:22 . 2008-07-12 22:22 268 --ah----- I:\sqmdata00.sqm
2008-07-12 22:22 . 2008-07-12 22:22 244 --ah----- I:\sqmnoopt00.sqm
2008-07-12 20:58 . 2003-06-25 16:05 266,360 --a------ I:\WINDOWS\system32\TweakUI.exe
2008-07-12 20:58 . 2002-06-21 15:09 160,217 --a------ I:\WINDOWS\system32\PowerToysLicense.rtf
2008-07-12 20:38 . 2008-07-12 20:38 <DIR> d-------- I:\Program Files\Microsoft SQL Server Compact Edition
2008-07-12 20:33 . 2008-07-12 20:36 <DIR> d--hsc--- I:\Program Files\Common Files\WindowsLiveInstaller
2008-07-12 20:32 . 2008-07-12 20:32 <DIR> d-------- I:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-12 18:47 . 2008-08-01 15:54 <DIR> d-------- I:\Documents and Settings\Jake\Application Data\POP Peeper
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-04 00:08 --------- d-----w I:\Documents and Settings\Jake\Application Data\uTorrent
2008-08-02 13:59 --------- d-----w I:\Documents and Settings\Jake\Application Data\mIRC
2008-08-02 13:58 --------- d-----w I:\Program Files\mIRC
2008-08-01 00:35 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-01 00:26 --------- d-----w I:\Program Files\Common Files\InstallShield
2008-07-19 02:10 --------- d-----w I:\Program Files\uTorrent
2008-07-17 00:46 --------- d-----w I:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-13 10:35 --------- d-----w I:\Program Files\Windows Live
2008-06-18 17:52 161,096 ----a-w I:\windows\system32\DivXCodecVersionChecker.exe
2008-06-11 00:04 200,704 ----a-w I:\windows\system32\ssldivx.dll
2008-06-11 00:04 1,044,480 ----a-w I:\windows\system32\libdivx.dll
2008-01-17 13:47 16,384 --sha-w I:\windows\system32\config\systemprofile\Cookies\index.dat
2008-01-17 13:47 32,768 --sha-w I:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
2008-01-17 13:47 32,768 --sha-w I:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008011720080118\index.dat
2008-01-17 13:47 32,768 --sha-w I:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
------- Sigcheck -------
2007-09-20 00:59 823808 431defbb4a3d7b0dc062c1b064623a2f I:\windows\ie7updates\KB942615-IE7\wininet.dll
2007-12-01 01:26 666112 e7f441cde6e418bb68fc700872c004a0 I:\windows\ServicePackFiles\i386\wininet.dll
2007-10-10 19:47 825344 0e5d918f87efa7d2424d66b499c7eb04 I:\windows\system32\wininet.dll
2007-10-10 19:47 825344 0e5d918f87efa7d2424d66b499c7eb04 I:\windows\system32\dllcache\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="I:\windows\system32\ctfmon.exe" [2007-12-01 01:26 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="I:\windows\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
"SunJavaUpdateSched"="K:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"SSBkgdUpdate"="I:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 13:16 185896]
"OpwareSE4"="I:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 12:45 75304]
"avast!"="K:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 10:38 78008]
"COMODO Firewall Pro"="I:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-01 21:10 1655552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
I:\Documents and Settings\Jake\Start Menu\Programs\Startup\
WinMySQLadmin.lnk - C:\xampp\mysql\bin\winmysqladmin.exe [2007-12-20 22:00:28 936448]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= I:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= K:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=I:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=I:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2007-12-01 01:26 15360 I:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-05-11 23:12 49152 K:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2007-12-01 01:26 1695232 I:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 02:41 8523776 I:\WINDOWS\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 02:41 81920 I:\WINDOWS\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-07-07 09:42 2156368 K:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 02:41 1626112 I:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
-ra------ 2005-06-20 09:42 77824 I:\WINDOWS\SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"I:\\Program Files\\uTorrent\\uTorrent.exe"=
"I:\\Program Files\\mIRC\\mirc.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"I:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
R0 SI3114;SiI-3114 SATALink Controller;I:\windows\system32\DRIVERS\SI3114.sys [2008-04-14 19:52]
R1 aswSP;avast! Self Protection;I:\windows\system32\drivers\aswSP.sys [2008-07-19 10:35]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;I:\windows\system32\DRIVERS\cmdguard.sys [2008-08-01 21:10]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;I:\windows\system32\DRIVERS\cmdhlp.sys [2008-08-01 21:10]
R2 aswFsBlk;aswFsBlk;I:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 10:37]
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - I:\Documents and Settings\Jake\Application Data\Mozilla\Firefox\Profiles\o9sqyxqi.default\
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-08-03 20:09:45
Windows 5.1.2600 Service Pack 3, v.3264 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: I:\windows\system32\winlogon.exe
-> I:\windows\system32\guard32.dll
PROCESS: I:\windows\system32\lsass.exe
-> I:\windows\system32\guard32.dll
.
Completion time: 2008-08-03 20:10:31
ComboFix-quarantined-files.txt 2008-08-04 00:10:15
Pre-Run: 72,160,137,216 bytes free
Post-Run: 72,192,098,304 bytes free
225 --- E O F --- 2008-07-11 23:37:50
hijackthisLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:12:37 PM, on 8/3/2008
Platform: Windows XP SP3, v.3264 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal
Running processes:
I:\windows\System32\smss.exe
I:\windows\system32\winlogon.exe
I:\windows\system32\services.exe
I:\windows\system32\lsass.exe
I:\windows\system32\svchost.exe
I:\windows\system32\svchost.exe
K:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
K:\Program Files\Alwil Software\Avast4\ashServ.exe
K:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
I:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
K:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\Program Files\COMODO\Firewall\cfp.exe
I:\windows\system32\ctfmon.exe
I:\windows\system32\spoolsv.exe
I:\Program Files\COMODO\Firewall\cmdagent.exe
I:\windows\system32\nvsvc32.exe
I:\windows\system32\HPZipm12.exe
I:\windows\system32\svchost.exe
K:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
K:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\windows\System32\svchost.exe
I:\Program Files\uTorrent\uTorrent.exe
K:\Program Files\POP Peeper\POPPeeper.exe
K:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\PROGRA~1\Mozilla Firefox\firefox.exe
I:\windows\explorer.exe
K:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://google.ca/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - K:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "K:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "I:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "I:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [avast!] K:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "I:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] I:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: WinMySQLadmin.lnk = C:\xampp\mysql\bin\winmysqladmin.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://K:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://K:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://K:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://K:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - K:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - K:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\windows\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs: I:\windows\system32\guard32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - K:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - K:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - K:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - K:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - I:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\windows\system32\HPZipm12.exe
--
End of file - 5797 bytes