This is the 6th and final step. All logs and instructions were followed exactly! Please let me know what else I need to do! I REALLY appreciate it! I also would like to put on my NOD virus software that I purchased. Is that suggested at this time? Lastly, I need a recommendation for a firewall.
Thanks a BUNCH!
hwg
Step 6
==================
ComboFix 08-05-01.3 - Roe 2008-05-07 16:32:31.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1532 [GMT -7:00]
Running from: C:\Documents and Settings\Roe\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Roe\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\kmd.exe
C:\WINDOWS\mainms.vpi
C:\WINDOWS\system\msvbvm60.dll
C:\WINDOWS\system32\ajbpborm.ini
C:\WINDOWS\system32\CMMGR32.EXE
.
---- Previous Run -------
.
C:\WINDOWS\system32\qxkpwbly.dll
C:\Documents and Settings\Roe\Application Data\inst.exe
C:\Program Files\MSN Messenger\MsnMsgr .Exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\_000110_.tmp.dll
C:\WINDOWS\system32\CMMGR32.EXE
C:\WINDOWS\system32\ddtedibh.ini
C:\WINDOWS\system32\dgjlm.ini
C:\WINDOWS\system32\dgjlm.ini2
C:\WINDOWS\system32\erdxbeqp.ini
C:\WINDOWS\system32\fuqtjeex.ini
C:\WINDOWS\system32\lxgbiaea.ini
C:\WINDOWS\system32\mljgd.dll
C:\WINDOWS\system32\mljgd.exe
C:\WINDOWS\system32\qxkpwbly.dll
C:\WINDOWS\system32\qxkpwbly.dllbox
C:\WINDOWS\system32\xhtjsfyf.dll
C:\WINDOWS\system32\yaywurq.dll
.
((((((((((((((((((((((((( Files Created from 2008-04-07 to 2008-05-07 )))))))))))))))))))))))))))))))
.
2008-05-06 20:16 . 2008-05-06 20:16 <DIR> d-------- C:\Documents and Settings\Roe\Application Data\Malwarebytes
2008-05-06 20:15 . 2008-05-06 20:15 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-06 20:15 . 2008-05-06 20:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-06 20:15 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-06 20:15 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-06 20:07 . 2008-05-06 20:07 <DIR> d-------- C:\_OTMoveIt
2008-05-06 09:15 . 2008-05-06 09:15 <DIR> d-------- C:\WINDOWS\ERUNT
2008-05-06 09:06 . 2008-05-06 13:16 <DIR> d-------- C:\SDFix
2008-05-05 21:07 . 2008-05-05 21:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-05 20:37 . 2008-05-05 20:37 <DIR> d-------- C:\Program Files\Unlocker
2008-05-05 20:37 . 2008-05-07 08:22 <DIR> d-------- C:\Documents and Settings\Roe\Application Data\Desktopicon
2008-05-05 20:24 . 2008-05-05 20:24 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-05 20:24 . 2008-05-05 20:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-04 18:34 . 2008-05-04 18:34 <DIR> d-------- C:\!KillBox
2008-05-04 18:32 . 2008-05-04 18:37 <DIR> d-------- C:\Program Files\Windows Live
2008-05-04 18:32 . 2008-05-04 18:37 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-04 18:32 . 2008-05-04 21:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-04 14:52 . 2003-06-25 16:05 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2008-05-04 14:52 . 2002-06-21 15:09 160,217 --a------ C:\WINDOWS\system32\PowerToysLicense.rtf
2008-05-04 12:48 . 2008-05-04 18:13 <DIR> d-------- C:\Program Files\COMODO
2008-05-04 12:48 . 2008-05-04 18:13 <DIR> d-------- C:\Documents and Settings\Roe\Application Data\Comodo
2008-05-03 20:25 . 2008-05-03 20:25 <DIR> d-------- C:\Program Files\AVG
2008-05-03 20:25 . 2008-05-04 09:58 <DIR> d-------- C:\Documents and Settings\Roe\Application Data\AVGTOOLBAR
2008-05-03 20:25 . 2008-05-05 20:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-03 18:31 . 2008-05-03 18:31 <DIR> d-------- C:\Program Files\RogueRemover FREE
2008-05-03 14:20 . 2008-05-03 14:20 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Yahoo!
2008-05-03 14:20 . 2006-03-15 05:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
2008-04-26 20:37 . 2008-05-01 18:32 <DIR> d-------- C:\Documents and Settings\Roe\Application Data\ZoomBrowser EX
2008-04-26 20:35 . 2008-04-26 20:35 <DIR> d-------- C:\Documents and Settings\Roe\Application Data\Canon
2008-04-26 20:35 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-04-26 20:35 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-04-25 12:19 . 2008-05-01 18:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-04-25 11:51 . 2008-04-25 11:51 <DIR> d-------- C:\Program Files\Common Files\Canon
2008-04-23 18:36 . 2008-04-23 18:36 <DIR> d-------- C:\Program Files\LizardTech
2008-04-23 18:35 . 2008-04-23 18:35 <DIR> dr------- C:\UDC Output Files
2008-04-23 18:35 . 2008-04-23 18:35 <DIR> d-------- C:\Program Files\Universal Document Converter
2008-04-23 18:35 . 2007-08-14 20:57 5,632 --a------ C:\WINDOWS\system32\udcpm.dll
2008-04-08 17:44 . 2008-04-08 17:44 <DIR> d-------- C:\Program Files\Bonjour
2008-04-08 17:36 . 2008-04-08 17:36 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-04-08 10:29 . 2008-04-08 10:29 <DIR> d-------- C:\Western Digital
2008-04-08 10:18 . 2008-04-08 10:19 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-04-07 21:10 . 2008-04-07 21:10 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-04-07 21:10 . 2008-04-07 21:10 223,128 --a------ C:\WINDOWS\system32\drivers\vaxscsi.sys
2008-04-07 21:07 . 2008-04-07 21:07 642,560 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-04-07 21:07 . 2008-04-07 21:07 96,256 --a------ C:\WINDOWS\system32\drivers\sptd6477.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-05 03:58 --------- d-----w C:\Program Files\The Print Shop 20
2008-05-05 01:30 --------- d-----w C:\Program Files\MSN Messenger
2008-05-04 19:43 --------- d-----w C:\Documents and Settings\Roe\Application Data\TeraCopy
2008-05-04 17:43 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-05-04 17:43 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-05-04 17:43 --------- d-----w C:\Documents and Settings\Roe\Application Data\SUPERAntiSpyware.com
2008-05-01 21:23 --------- d-----w C:\Documents and Settings\Roe\Application Data\Vso
2008-04-25 19:21 --------- d-----w C:\Program Files\CANON
2008-04-24 01:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-09 00:43 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-08 04:05 --------- d-----w C:\Documents and Settings\Roe\Application Data\DMCache
2008-04-04 04:28 --------- d-----w C:\Documents and Settings\Roe\Application Data\Corel
2008-03-20 00:07 --------- d-----w C:\Program Files\Mayoko
2008-03-12 23:35 --------- d-----w C:\Program Files\VLCPortable
2008-01-11 03:03 47,360 ----a-w C:\Documents and Settings\Roe\Application Data\pcouffin.sys
2007-12-26 00:40 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-09-22 01:21 2,393 ----a-w C:\Documents and Settings\Roe\Application Data\SAS7_000.DAT
2007-11-05 21:11 88 --sha-w C:\WINDOWS\system32\4D7CD740B4.sys
2008-01-29 04:40 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
<pre>
----a-w 151,552 2008-02-06 20:46:59 C:\Documents and Settings\Roe\Desktop\MPTBox .exe
----a-w 311,296 2008-02-05 17:48:56 C:\Program Files\CANON\MultiPASS4\monitr32 .exe
----a-w 151,552 2008-02-06 20:46:59 C:\Program Files\CANON\MultiPASS4\MPTBox .exe
----a-w 6,731,312 2008-02-07 04:44:13 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
----a-w 278,528 2008-02-04 22:38:19 C:\Program Files\iTunes\iTunesHelper .exe
----a-w 1,667,584 2008-01-28 20:39:12 C:\Program Files\Messenger\msmsgs .exe
----a-w 5,674,352 2008-02-10 00:09:34 C:\Program Files\MSN Messenger\MsnMsgr .Exe
----a-w 5,674,352 2008-02-10 18:41:31 C:\Program Files\MSN Messenger\msnmsgr .exe
----a-w 1,310,720 2008-02-06 03:35:41 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware .exe
----a-w 4,670,704 2008-02-07 04:44:13 C:\Program Files\Yahoo!\Messenger\YahooMessenger .exe
----a-w 158,208 2008-02-10 18:44:56 C:\WINDOWS\pchealth\helpctr\binaries\MSConfig .exe
----a-w 65,536 2008-02-04 22:38:19 C:\WINDOWS\system32\fxredir .exe
</pre>
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 18:43 4670704]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Palo Alto Software Update Manager 8.0.lnk]
backup=C:\WINDOWS\pss\Palo Alto Software Update Manager 8.0.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Roe^Start Menu^Programs^Startup^Cyber-shot Viewer Media Check Tool.lnk]
backup=C:\WINDOWS\pss\Cyber-shot Viewer Media Check Tool.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2008-02-06 21:44 6731312 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-10-10 20:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2007-02-28 23:06 2321600 C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--------- 2005-05-03 03:43 69632 C:\WINDOWS\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDefender Antiphishing Helper]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
--a------ 2007-03-13 16:38 39264 c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
--a------ 2004-08-10 04:04 59392 C:\WINDOWS\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fxredir]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2007-04-19 22:57 162584 C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2007-04-19 22:57 142104 C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2005-02-16 16:15 221184 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2005-02-16 16:15 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\monitr32]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPTBox]
--a------ 2008-02-07 13:37 0 C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-02-07 13:37 0 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
--a------ 2007-04-19 22:57 138008 C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-09-17 22:05 282624 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--------- 2007-04-12 02:33 16132608 C:\WINDOWS\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2007-12-07 16:08 21686568 C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
--a------ 2003-09-29 16:00 155648 C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2008-02-29 16:03 1481968 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UDC Integration]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2008-05-01 21:15 15872 C:\Program Files\Unlocker\UnlockerAssistant.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]
--a------ 2008-04-08 10:42 364544 C:\WINDOWS\system32\WDBtnMgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 18:43 4670704 C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
--a------ 2007-06-08 07:59 224248 C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ekrn"=2 (0x2)
"EhttpSrv"=3 (0x3)
"wuauserv"=3 (0x3)
"wscsvc"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
R2 cis1284;cis1284;C:\WINDOWS\system32\drivers\cis1284.sys [2001-06-26 21:00]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2006-09-07 22:16]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2007-09-16 13:43]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30d5f1aa-6498-11dc-9cdb-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{21DB17A7-9EB9-0768-D9C5-22A71AD280F1}]
C:\WINDOWS\system32:svchost.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-07 16:37:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\CANON\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2008-05-07 16:44:41 - machine was rebooted [Roe]
ComboFix-quarantined-files.txt 2008-05-07 23:44:28
Pre-Run: 332,165,599,232 bytes free
Post-Run: 332,168,769,536 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
247
===================
Hijack This
============
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:47:20 PM, on 5/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1189988193562
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MpService - Canon Inc - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 4205 bytes