ComboFix 07-10-07.2 - Hafeez 2007-10-10 20:38:06.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.234 [GMT -4:00]
Running from: C:\Documents and Settings\Hafeez\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Hafeez\Desktop\CFScript.txt
* Created a new restore point
FILE::
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.jo
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\aticds1.dll
C:\WINDOWS\system32\azbmsslu.dat
C:\WINDOWS\system32\bgfjjvjd.dat
C:\WINDOWS\system32\drivers\skxzhabb.dat
C:\WINDOWS\system32\drivers\wilrhcss.dat
C:\WINDOWS\system32\iugbyjzi.dat
C:\WINDOWS\system32\nbbanbb.dll
C:\WINDOWS\system32\schfmtvz.dat
C:\WINDOWS\system32\xwrcxcnz.dll
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_JDZVZHOL
-------\LEGACY_YTEADXZV
-------\jdzvzhol
-------\yteadxzv
((((((((((((((((((((((((( Files Created from 2007-09-11 to 2007-10-11 )))))))))))))))))))))))))))))))
.
2007-10-08 17:51 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-08 17:36 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-07 15:44 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-10-07 14:46 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-10-07 13:48 <DIR> d-------- C:\Documents and Settings\Hafeez\.housecall6.6
2007-10-06 15:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2007-10-06 15:21 79,376 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2007-10-06 15:21 63,248 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys
2007-10-06 15:21 56,080 --a------ C:\WINDOWS\KHALMNPR.Exe
2007-10-06 15:21 20,496 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
2007-09-29 23:58 <DIR> d-------- C:\Program Files\Veoh Networks
2007-09-24 11:41 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-09-24 11:41 <DIR> d-------- C:\Program Files\IPS5e
2007-09-23 19:32 <DIR> d-------- C:\Program Files\Enigma Software Group
2007-09-23 19:06 <DIR> d-------- C:\Program Files\Bazooka Scanner
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-10 20:33 --------- d-------- C:\Program Files\Windows Live Safety Center
2007-10-09 18:33 --------- d-------- C:\Program Files\DivX
2007-10-07 16:20 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-10-07 16:19 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-10-07 16:17 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-10-07 16:16 --------- d-------- C:\Program Files\Symantec AntiVirus
2007-10-07 16:16 --------- d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-10-06 16:07 --------- d-------- C:\Program Files\mIRC
2007-10-06 08:08 --------- d-------- C:\Program Files\Winamp
2007-09-24 12:32 --------- d-------- C:\Program Files\CGPACalc2
2007-09-23 19:29 --------- d-------- C:\Program Files\Windows Live Toolbar
2007-09-09 22:23 --------- d-------- C:\Program Files\QuickTime
2007-09-09 12:27 --------- d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2007-09-09 11:01 --------- d-------- C:\Program Files\MSXML 4.0
2007-09-08 10:16 --------- d-------- C:\Program Files\Common Files\Ahead
2007-09-03 23:12 --------- d-------- C:\Program Files\BitComet
2007-09-02 12:54 684567 --a------ C:\WINDOWS\system32\libeay32.dll
2007-09-02 12:54 147729 --a------ C:\WINDOWS\system32\libssl32.dll
2007-08-25 20:51 --------- d-------- C:\Program Files\The Noble Qur'an V3.0
2007-08-21 02:15 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-26 19:06 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-26 19:06 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2003-07-31 05:53 147456 --a--c--- C:\WINDOWS\inf\EL2K_XP.sys
2003-07-31 05:50 448768 --a--c--- C:\WINDOWS\inf\EL2K_N64.sys
2003-07-31 05:43 147456 --a--c--- C:\WINDOWS\inf\EL2K_2K.sys
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
---- C:\WINDOWS\inf\EL2K_2K.sys ----
Company: 3Com Corporation
File Description: 3Com 3C2000 NDIS 5.0 Miniport Driver
File Version: 1.00.00.0046
Product Name: 3Com Gigabit NIC (3C2000 Family)
Copyright: Copyright 3Com Corporation/Marvell 2003
Original file name: EL2K_2K.SYS
---- C:\WINDOWS\inf\EL2K_N64.sys ----
Company: 3Com Corporation
File Description: 3Com 3C2000 NDIS 5.1 Miniport Driver
File Version: 1.00.00.0046 built by: WinDDK
Product Name: 3Com Gigabit NIC (3C2000 Family)
Copyright: Copyright 3Com Corporation/Marvell 2003
Original file name: EL2K_N64.SYS
---- C:\WINDOWS\inf\EL2K_XP.sys ----
Company: 3Com Corporation
File Description: 3Com 3C2000 NDIS 5.1 Miniport Driver
File Version: 1.00.00.0046 built by: WinDDK
Product Name: 3Com Gigabit NIC (3C2000 Family)
Copyright: Copyright 3Com Corporation/Marvell 2003
Original file name: EL2K_XP.SYS
---- Directory of C:\Program Files\CGPACalc2 ----
2007-09-24 12:32 290816 --a------ C:\Program Files\CGPACalc2\db1.mdb
2007-07-23 20:36 673546 --a------ C:\Program Files\CGPACalc2\unins000.exe
2007-07-23 20:36 2950 --a------ C:\Program Files\CGPACalc2\unins000.dat
2006-07-10 01:28 151552 --a------ C:\Program Files\CGPACalc2\calc.exe
2006-07-09 12:36 1028 --a------ C:\Program Files\CGPACalc2\db2.mdb
2005-04-15 20:58 1071088 --a------ C:\Program Files\CGPACalc2\mscomctl.ocx
((((((((((((((((((((((((((((( snapshot@2007-10-08_17.44.16.59 )))))))))))))))))))))))))))))))))))))))))
.
----a-w 14,048 2005-10-12 23:12:25 C:\WINDOWS\$hf_mig$\KB933729\spmsg.dll
----a-w 213,216 2005-10-12 23:12:26 C:\WINDOWS\$hf_mig$\KB933729\spuninst.exe
----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\rpcrt4.dll
----a-w 350,720 2007-06-19 07:24:36 C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\xpsp3res.dll
----a-w 22,752 2005-10-12 23:12:25 C:\WINDOWS\$hf_mig$\KB933729\update\spcustom.dll
----a-w 716,000 2005-10-12 23:12:28 C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
----a-w 371,424 2005-10-12 23:12:33 C:\WINDOWS\$hf_mig$\KB933729\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\$hf_mig$\KB939653\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$hf_mig$\KB939653\spuninst.exe
----a-w 1,022,976 2007-08-22 12:55:28 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\browseui.dll
----a-w 151,040 2007-08-22 12:55:29 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\cdfview.dll
----a-w 1,054,208 2007-08-22 12:55:30 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\danim.dll
----a-w 357,888 2007-08-22 12:55:30 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\dxtmsft.dll
----a-w 205,824 2007-08-22 12:55:31 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\dxtrans.dll
----a-w 55,808 2007-08-22 12:55:31 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\extmgr.dll
----a-w 18,432 2007-08-21 10:19:39 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\iedw.exe
----a-w 251,904 2007-08-22 12:55:32 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\iepeers.dll
----a-w 96,256 2007-08-22 12:55:32 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\inseng.dll
----a-w 16,384 2007-08-22 12:55:32 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\jsproxy.dll
----a-w 3,064,832 2007-08-22 12:55:36 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\mshtml.dll
----a-w 449,024 2007-08-22 12:55:37 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\mshtmled.dll
----a-w 146,432 2007-08-22 12:55:37 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\msrating.dll
----a-w 532,480 2007-08-22 12:55:38 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\mstime.dll
----a-w 39,424 2007-08-22 12:55:38 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\pngfilt.dll
----a-w 1,498,112 2007-08-22 12:55:40 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\shdocvw.dll
----a-w 474,112 2007-08-22 12:55:41 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\shlwapi.dll
----a-w 617,984 2007-08-22 12:55:43 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\urlmon.dll
----a-w 665,600 2007-08-22 12:55:44 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\wininet.dll
----a-w 350,720 2007-08-21 10:13:33 C:\WINDOWS\$hf_mig$\KB939653\SP2QFE\xpsp3res.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\$hf_mig$\KB939653\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\$hf_mig$\KB939653\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$hf_mig$\KB939653\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
----a-w 683,520 2007-08-21 06:25:02 C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
-c----w 581,120 2004-08-04 04:56:46 C:\WINDOWS\$NtUninstallKB933729$\rpcrt4.dll
-c----w 213,216 2005-10-12 23:12:26 C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe
-c----w 371,424 2005-10-12 23:12:33 C:\WINDOWS\$NtUninstallKB933729$\spuninst\updspapi.dll
-c----w 1,023,488 2007-06-14 18:09:18 C:\WINDOWS\$NtUninstallKB939653$\browseui.dll
-c----w 151,040 2007-06-14 18:09:18 C:\WINDOWS\$NtUninstallKB939653$\cdfview.dll
-c----w 1,054,208 2007-06-14 18:09:18 C:\WINDOWS\$NtUninstallKB939653$\danim.dll
-c----w 357,888 2007-06-14 18:09:18 C:\WINDOWS\$NtUninstallKB939653$\dxtmsft.dll
-c----w 205,312 2007-06-14 18:09:19 C:\WINDOWS\$NtUninstallKB939653$\dxtrans.dll
-c----w 55,808 2007-06-14 18:09:19 C:\WINDOWS\$NtUninstallKB939653$\extmgr.dll
-c----w 18,432 2007-06-14 14:07:24 C:\WINDOWS\$NtUninstallKB939653$\iedw.exe
-c----w 251,392 2007-06-14 18:09:19 C:\WINDOWS\$NtUninstallKB939653$\iepeers.dll
-c----w 96,256 2007-06-14 18:09:19 C:\WINDOWS\$NtUninstallKB939653$\inseng.dll
-c----w 16,384 2007-06-14 18:09:19 C:\WINDOWS\$NtUninstallKB939653$\jsproxy.dll
-c----w 3,058,688 2007-06-14 18:09:20 C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll
-c----w 449,024 2007-06-14 18:09:19 C:\WINDOWS\$NtUninstallKB939653$\mshtmled.dll
-c----w 146,432 2007-06-14 18:09:19 C:\WINDOWS\$NtUninstallKB939653$\msrating.dll
-c----w 532,480 2007-06-14 18:09:20 C:\WINDOWS\$NtUninstallKB939653$\mstime.dll
-c----w 39,424 2007-06-14 18:09:20 C:\WINDOWS\$NtUninstallKB939653$\pngfilt.dll
-c----w 1,494,528 2007-06-14 18:09:20 C:\WINDOWS\$NtUninstallKB939653$\shdocvw.dll
-c----w 474,112 2007-06-14 18:09:20 C:\WINDOWS\$NtUninstallKB939653$\shlwapi.dll
-c----w 615,424 2007-06-14 18:09:20 C:\WINDOWS\$NtUninstallKB939653$\urlmon.dll
-c----w 658,944 2007-06-26 14:09:10 C:\WINDOWS\$NtUninstallKB939653$\wininet.dll
-c----w 115,712 2007-06-14 13:39:54 C:\WINDOWS\$NtUninstallKB939653$\xpsp3res.dll
-c----w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe
-c----w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$NtUninstallKB939653$\spuninst\updspapi.dll
-c----w 683,520 2007-05-16 15:12:02 C:\WINDOWS\$NtUninstallKB941202$\inetcomm.dll
-c----w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe
-c----w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$NtUninstallKB941202$\spuninst\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\spuninst.exe
----a-w 1,022,976 2007-08-22 13:12:15 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\browseui.dll
----a-w 151,040 2007-08-22 13:12:15 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\cdfview.dll
----a-w 1,054,208 2007-08-22 13:12:16 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\danim.dll
----a-w 357,888 2007-08-22 13:12:16 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\dxtmsft.dll
----a-w 205,312 2007-08-22 13:12:16 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\dxtrans.dll
----a-w 55,808 2007-08-22 13:12:16 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\extmgr.dll
----a-w 18,432 2007-08-21 10:30:45 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\iedw.exe
----a-w 251,392 2007-08-22 13:12:16 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\iepeers.dll
----a-w 96,256 2007-08-22 13:12:16 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\inseng.dll
----a-w 16,384 2007-08-22 13:12:16 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\jsproxy.dll
----a-w 3,058,176 2007-08-22 13:12:17 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\mshtml.dll
----a-w 449,024 2007-08-22 13:12:17 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\mshtmled.dll
----a-w 146,432 2007-08-22 13:12:17 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\msrating.dll
----a-w 532,480 2007-08-22 13:12:17 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\mstime.dll
----a-w 39,424 2007-08-22 13:12:17 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\pngfilt.dll
----a-w 1,494,528 2007-08-22 13:12:18 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\shdocvw.dll
----a-w 474,112 2007-08-22 13:12:18 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\shlwapi.dll
----a-w 615,424 2007-08-22 13:12:18 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\urlmon.dll
----a-w 658,944 2007-08-22 13:12:18 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\wininet.dll
----a-w 115,712 2007-08-21 10:20:02 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2gdr\xpsp3res.dll
----a-w 1,022,976 2007-08-22 12:55:28 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\browseui.dll
----a-w 151,040 2007-08-22 12:55:29 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\cdfview.dll
----a-w 1,054,208 2007-08-22 12:55:30 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\danim.dll
----a-w 357,888 2007-08-22 12:55:30 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\dxtmsft.dll
----a-w 205,824 2007-08-22 12:55:31 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\dxtrans.dll
----a-w 55,808 2007-08-22 12:55:31 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\extmgr.dll
----a-w 18,432 2007-08-21 10:19:39 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\iedw.exe
----a-w 251,904 2007-08-22 12:55:32 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\iepeers.dll
----a-w 96,256 2007-08-22 12:55:32 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\inseng.dll
----a-w 16,384 2007-08-22 12:55:32 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\jsproxy.dll
----a-w 3,064,832 2007-08-22 12:55:36 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\mshtml.dll
----a-w 449,024 2007-08-22 12:55:37 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\mshtmled.dll
----a-w 146,432 2007-08-22 12:55:37 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\msrating.dll
----a-w 532,480 2007-08-22 12:55:38 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\mstime.dll
----a-w 39,424 2007-08-22 12:55:38 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\pngfilt.dll
----a-w 1,498,112 2007-08-22 12:55:40 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\shdocvw.dll
----a-w 474,112 2007-08-22 12:55:41 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\shlwapi.dll
----a-w 617,984 2007-08-22 12:55:43 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\urlmon.dll
----a-w 665,600 2007-08-22 12:55:44 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\wininet.dll
----a-w 350,720 2007-08-21 10:13:33 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\sp2qfe\xpsp3res.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\SoftwareDistribution\Download\0474e07262334919ca66aaa879430a63\update\updspapi.dll
----a-w 14,048 2005-10-12 23:12:25 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\spmsg.dll
----a-w 213,216 2005-10-12 23:12:26 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\spuninst.exe
----a-w 584,192 2007-07-09 13:09:42 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2GDR\rpcrt4.dll
----a-w 115,712 2007-06-13 06:53:14 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2GDR\xpsp3res.dll
----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2QFE\rpcrt4.dll
----a-w 350,720 2007-06-19 07:24:36 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2QFE\xpsp3res.dll
----a-w 22,752 2005-10-12 23:12:25 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\spcustom.dll
----a-w 716,000 2005-10-12 23:12:28 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\update.exe
----a-w 371,424 2005-10-12 23:12:33 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\spuninst.exe
----a-w 683,520 2007-08-21 06:15:44 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\sp2gdr\inetcomm.dll
----a-w 683,520 2007-08-21 06:25:02 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\sp2qfe\inetcomm.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\updspapi.dll
----a-w 1,022,976 2007-08-22 13:12:15 C:\WINDOWS\system32\browseui.dll
----a-w 151,040 2007-08-22 13:12:15 C:\WINDOWS\system32\cdfview.dll
----a-w 1,054,208 2007-08-22 13:12:16 C:\WINDOWS\system32\danim.dll
----a-w 357,888 2007-08-22 13:12:16 C:\WINDOWS\system32\dxtmsft.dll
----a-w 205,312 2007-08-22 13:12:16 C:\WINDOWS\system32\dxtrans.dll
----a-w 55,808 2007-08-22 13:12:16 C:\WINDOWS\system32\extmgr.dll
----a-w 251,392 2007-08-22 13:12:16 C:\WINDOWS\system32\iepeers.dll
----a-w 96,256 2007-08-22 13:12:16 C:\WINDOWS\system32\inseng.dll
----a-w 16,384 2007-08-22 13:12:16 C:\WINDOWS\system32\jsproxy.dll
----a-w 18,089,592 2007-09-28 05:19:39 C:\WINDOWS\system32\MRT.exe
----a-w 3,058,176 2007-08-22 13:12:17 C:\WINDOWS\system32\mshtml.dll
----a-w 449,024 2007-08-22 13:12:17 C:\WINDOWS\system32\mshtmled.dll
----a-w 146,432 2007-08-22 13:12:17 C:\WINDOWS\system32\msrating.dll
----a-w 532,480 2007-08-22 13:12:17 C:\WINDOWS\system32\mstime.dll
----a-w 39,424 2007-08-22 13:12:17 C:\WINDOWS\system32\pngfilt.dll
----a-w 584,192 2007-07-09 13:09:42 C:\WINDOWS\system32\rpcrt4.dll
----a-w 1,494,528 2007-08-22 13:12:18 C:\WINDOWS\system32\shdocvw.dll
----a-w 474,112 2007-08-22 13:12:18 C:\WINDOWS\system32\shlwapi.dll
------w 14,048 2005-10-12 23:12:25 C:\WINDOWS\system32\spmsg.dll
----a-w 615,424 2007-08-22 13:12:18 C:\WINDOWS\system32\urlmon.dll
----a-w 658,944 2007-08-22 13:12:18 C:\WINDOWS\system32\wininet.dll
----a-w 115,712 2007-08-21 10:20:02 C:\WINDOWS\system32\xpsp3res.dll
-c--a-w 1,022,976 2007-08-22 13:12:15 C:\WINDOWS\system32\dllcache\browseui.dll
-c--a-w 151,040 2007-08-22 13:12:15 C:\WINDOWS\system32\dllcache\cdfview.dll
-c--a-w 1,054,208 2007-08-22 13:12:16 C:\WINDOWS\system32\dllcache\danim.dll
-c--a-w 357,888 2007-08-22 13:12:16 C:\WINDOWS\system32\dllcache\dxtmsft.dll
-c--a-w 205,312 2007-08-22 13:12:16 C:\WINDOWS\system32\dllcache\dxtrans.dll
-c--a-w 55,808 2007-08-22 13:12:16 C:\WINDOWS\system32\dllcache\extmgr.dll
-c--a-w 18,432 2007-08-21 10:30:45 C:\WINDOWS\system32\dllcache\iedw.exe
-c--a-w 251,392 2007-08-22 13:12:16 C:\WINDOWS\system32\dllcache\iepeers.dll
-c--a-w 683,520 2007-08-21 06:15:44 C:\WINDOWS\system32\dllcache\inetcomm.dll
-c--a-w 96,256 2007-08-22 13:12:16 C:\WINDOWS\system32\dllcache\inseng.dll
-c--a-w 16,384 2007-08-22 13:12:16 C:\WINDOWS\system32\dllcache\jsproxy.dll
-c--a-w 3,058,176 2007-08-22 13:12:17 C:\WINDOWS\system32\dllcache\mshtml.dll
-c--a-w 449,024 2007-08-22 13:12:17 C:\WINDOWS\system32\dllcache\mshtmled.dll
-c--a-w 146,432 2007-08-22 13:12:17 C:\WINDOWS\system32\dllcache\msrating.dll
-c--a-w 532,480 2007-08-22 13:12:17 C:\WINDOWS\system32\dllcache\mstime.dll
-c--a-w 39,424 2007-08-22 13:12:17 C:\WINDOWS\system32\dllcache\pngfilt.dll
-c--a-w 584,192 2007-07-09 13:09:42 C:\WINDOWS\system32\dllcache\rpcrt4.dll
-c--a-w 1,494,528 2007-08-22 13:12:18 C:\WINDOWS\system32\dllcache\shdocvw.dll
-c--a-w 474,112 2007-08-22 13:12:18 C:\WINDOWS\system32\dllcache\shlwapi.dll
-c--a-w 615,424 2007-08-22 13:12:18 C:\WINDOWS\system32\dllcache\urlmon.dll
-c--a-w 658,944 2007-08-22 13:12:18 C:\WINDOWS\system32\dllcache\wininet.dll
.
----a-w 1,023,488 2007-06-14 18:09:18 C:\WINDOWS\system32\browseui.dll
----a-w 151,040 2007-06-14 18:09:18 C:\WINDOWS\system32\cdfview.dll
----a-w 1,054,208 2007-06-14 18:09:18 C:\WINDOWS\system32\danim.dll
----a-w 357,888 2007-06-14 18:09:18 C:\WINDOWS\system32\dxtmsft.dll
----a-w 205,312 2007-06-14 18:09:19 C:\WINDOWS\system32\dxtrans.dll
----a-w 55,808 2007-06-14 18:09:19 C:\WINDOWS\system32\extmgr.dll
----a-w 251,392 2007-06-14 18:09:19 C:\WINDOWS\system32\iepeers.dll
----a-w 96,256 2007-06-14 18:09:19 C:\WINDOWS\system32\inseng.dll
----a-w 16,384 2007-06-14 18:09:19 C:\WINDOWS\system32\jsproxy.dll
----a-w 17,474,680 2007-09-06 02:50:42 C:\WINDOWS\system32\MRT.exe
----a-w 3,058,688 2007-06-14 18:09:20 C:\WINDOWS\system32\mshtml.dll
----a-w 449,024 2007-06-14 18:09:19 C:\WINDOWS\system32\mshtmled.dll
----a-w 146,432 2007-06-14 18:09:19 C:\WINDOWS\system32\msrating.dll
----a-w 532,480 2007-06-14 18:09:20 C:\WINDOWS\system32\mstime.dll
----a-w 39,424 2007-06-14 18:09:20 C:\WINDOWS\system32\pngfilt.dll
----a-w 581,120 2004-08-04 04:56:46 C:\WINDOWS\system32\rpcrt4.dll
----a-w 1,494,528 2007-06-14 18:09:20 C:\WINDOWS\system32\shdocvw.dll
----a-w 474,112 2007-06-14 18:09:20 C:\WINDOWS\system32\shlwapi.dll
------w 14,048 2007-03-06 01:22:36 C:\WINDOWS\system32\spmsg.dll
----a-w 615,424 2007-06-14 18:09:20 C:\WINDOWS\system32\urlmon.dll
----a-w 658,944 2007-06-26 14:09:10 C:\WINDOWS\system32\wininet.dll
------w 115,712 2007-06-14 13:39:54 C:\WINDOWS\system32\xpsp3res.dll
-c--a-w 1,023,488 2007-06-14 18:09:18 C:\WINDOWS\system32\dllcache\browseui.dll
-c--a-w 151,040 2007-06-14 18:09:18 C:\WINDOWS\system32\dllcache\cdfview.dll
-c--a-w 1,054,208 2007-06-14 18:09:18 C:\WINDOWS\system32\dllcache\danim.dll
-c--a-w 357,888 2007-06-14 18:09:18 C:\WINDOWS\system32\dllcache\dxtmsft.dll
-c--a-w 205,312 2007-06-14 18:09:19 C:\WINDOWS\system32\dllcache\dxtrans.dll
-c--a-w 55,808 2007-06-14 18:09:19 C:\WINDOWS\system32\dllcache\extmgr.dll
-c--a-w 18,432 2007-06-14 14:07:24 C:\WINDOWS\system32\dllcache\iedw.exe
-c--a-w 251,392 2007-06-14 18:09:19 C:\WINDOWS\system32\dllcache\iepeers.dll
-c--a-w 683,520 2007-05-16 15:12:02 C:\WINDOWS\system32\dllcache\inetcomm.dll
-c--a-w 96,256 2007-06-14 18:09:19 C:\WINDOWS\system32\dllcache\inseng.dll
-c--a-w 16,384 2007-06-14 18:09:19 C:\WINDOWS\system32\dllcache\jsproxy.dll
-c--a-w 3,058,688 2007-06-14 18:09:20 C:\WINDOWS\system32\dllcache\mshtml.dll
-c--a-w 449,024 2007-06-14 18:09:19 C:\WINDOWS\system32\dllcache\mshtmled.dll
-c--a-w 146,432 2007-06-14 18:09:19 C:\WINDOWS\system32\dllcache\msrating.dll
-c--a-w 532,480 2007-06-14 18:09:20 C:\WINDOWS\system32\dllcache\mstime.dll
-c--a-w 39,424 2007-06-14 18:09:20 C:\WINDOWS\system32\dllcache\pngfilt.dll
-c--a-w 581,120 2004-08-04 04:56:46 C:\WINDOWS\system32\dllcache\rpcrt4.dll
-c--a-w 1,494,528 2007-06-14 18:09:20 C:\WINDOWS\system32\dllcache\shdocvw.dll
-c--a-w 474,112 2007-06-14 18:09:20 C:\WINDOWS\system32\dllcache\shlwapi.dll
-c--a-w 615,424 2007-06-14 18:09:20 C:\WINDOWS\system32\dllcache\urlmon.dll
-c--a-w 658,944 2007-06-26 14:09:10 C:\WINDOWS\system32\dllcache\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-06 07:02]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 C:\WINDOWS\KHALMNPR.Exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 06:48]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-01-19 13:49]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007-09-12 19:33]
R2 tcaicchg;tcaicchg;\??\C:\WINDOWS\system32\tcaicchg.sys
R2 TCAITDI;TCAITDI Protocol;C:\WINDOWS\system32\DRIVERS\TCAITDI.sys
R3 WinDriver6;WinDriver6;C:\WINDOWS\system32\drivers\windrvr6.sys
S3 ASUSHWIO;ASUSHWIO;\??\C:\WINDOWS\system32\drivers\ASUSHWIO.sys
S3 PhilCam8116;Logitech QuickCam Pro 3000 (08B0);C:\WINDOWS\system32\DRIVERS\CamDrO21.sys
.
Contents of the 'Scheduled Tasks' folder
"2007-10-11 00:00:00 C:\WINDOWS\Tasks\At69.job"
"2007-10-10 23:47:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-10-10 20:44:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-10 20:47:18 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-10 20:47
C:\ComboFix2.txt ... 2007-10-08 17:48
.
--- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:54:41 PM, on 10/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\LMabcoms.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lmab_device - Lexmark International, Inc. - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 3887 bytes