ComboFix 07-08-30.3 - "Paul W" 2007-09-01 1:35:28.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.615 [GMT -5:00]
Command switches used :: C:\Documents and Settings\Paul Wills Sr\Desktop\Shortcut to CFScript.txt.lnk
* Created a new restore point
FILE::
C:\WINDOWS\SYSTEM32\sttss.ini2
C:\WINDOWS\SYSTEM32\sttss.bak2
C:\WINDOWS\SYSTEM32\sttss.bak1
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\VundoFix Backups
C:\VundoFix Backups\abivmufl.exe.bad
C:\VundoFix Backups\addmorefiles.txt
C:\VundoFix Backups\awfxfctm.dll.bad
C:\VundoFix Backups\bmijorcq.dll.bad
C:\VundoFix Backups\cdwxtnev.ini.bad
C:\VundoFix Backups\ckyfbknq.ini.bad
C:\VundoFix Backups\cxrtwftf.dll.bad
C:\VundoFix Backups\dfsjfatn.dll.bad
C:\VundoFix Backups\dsrjjoew.dll.bad
C:\VundoFix Backups\elexrvgi.ini.bad
C:\VundoFix Backups\epujdqik.ini.bad
C:\VundoFix Backups\ftfwtrxc.ini.bad
C:\VundoFix Backups\fwikvujh.ini.bad
C:\VundoFix Backups\fxdhnhxq.exe.bad
C:\VundoFix Backups\giqhrjoh.ini.bad
C:\VundoFix Backups\hhtsxpwt.dll.bad
C:\VundoFix Backups\hiqdnkxu.dll.bad
C:\VundoFix Backups\hjuvkiwf.dll.bad
C:\VundoFix Backups\hojrhqig.dll.bad
C:\VundoFix Backups\igvrxele.dll.bad
C:\VundoFix Backups\inixgujn.ini.bad
C:\VundoFix Backups\jpjmonlr.dll.bad
C:\VundoFix Backups\jtghdtfw.ini.bad
C:\VundoFix Backups\kiqdjupe.dll.bad
C:\VundoFix Backups\lsxcophw.ini.bad
C:\VundoFix Backups\mhtclilw.ini.bad
C:\VundoFix Backups\mnaknmvp.ini.bad
C:\VundoFix Backups\mrpwfftl.exe.bad
C:\VundoFix Backups\mtcfxfwa.ini.bad
C:\VundoFix Backups\njugxini.dll.bad
C:\VundoFix Backups\ntafjsfd.ini.bad
C:\VundoFix Backups\ohsfsooo.ini.bad
C:\VundoFix Backups\olgisait.dll.bad
C:\VundoFix Backups\onalvvur.dll.bad
C:\VundoFix Backups\ooosfsho.dll.bad
C:\VundoFix Backups\orlbejqx.ini.bad
C:\VundoFix Backups\orsyvfcg.exe.bad
C:\VundoFix Backups\pexpeqlv.exe.bad
C:\VundoFix Backups\pjnfopbw.ini.bad
C:\VundoFix Backups\psmwtctu.dll.bad
C:\VundoFix Backups\pvmnkanm.dll.bad
C:\VundoFix Backups\qcrojimb.ini.bad
C:\VundoFix Backups\qlwkhsgf.exe.bad
C:\VundoFix Backups\qnkbfykc.dll.bad
C:\VundoFix Backups\rcqcipxv.ini.bad
C:\VundoFix Backups\rlnomjpj.ini.bad
C:\VundoFix Backups\rpiahceo.exe.bad
C:\VundoFix Backups\rradbyxt.dll.bad
C:\VundoFix Backups\siitdbpu.ini.bad
C:\VundoFix Backups\sstts.dll.bad
C:\VundoFix Backups\tiasiglo.ini.bad
C:\VundoFix Backups\twpxsthh.ini.bad
C:\VundoFix Backups\txybdarr.ini.bad
C:\VundoFix Backups\upbdtiis.dll.bad
C:\VundoFix Backups\utctwmsp.ini.bad
C:\VundoFix Backups\uxkndqih.ini.bad
C:\VundoFix Backups\ventxwdc.dll.bad
C:\VundoFix Backups\vxpicqcr.dll.bad
C:\VundoFix Backups\wbpofnjp.dll.bad
C:\VundoFix Backups\weojjrsd.ini.bad
C:\VundoFix Backups\wftdhgtj.dll.bad
C:\VundoFix Backups\whpocxsl.dll.bad
C:\VundoFix Backups\wlilcthm.dll.bad
C:\VundoFix Backups\xqjeblro.dll.bad
C:\VundoFix Backups\ycyftsxo.ini.bad
C:\VundoFix Backups\ycyftsxo.tmp.bad
C:\VundoFix Backups\ygvkoohu.exe.bad
C:\WINDOWS\SYSTEM32\sttss.bak1
C:\WINDOWS\SYSTEM32\sttss.bak2
C:\WINDOWS\SYSTEM32\sttss.ini2
((((((((((((((((((((((((( Files Created from 2007-08-01 to 2007-09-01 )))))))))))))))))))))))))))))))
2007-08-30 20:29 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-27 23:37 <DIR> d-------- C:\DOCUME~1\PAULWI~1\APPLIC~1\CyberLink
2007-08-27 02:28 <DIR> d-------- C:\Program Files\Dumb
2007-08-27 00:32 <DIR> d--h----- C:\WINDOWS\SYSTEM32\GroupPolicy
2007-08-26 21:04 <DIR> d-------- C:\Program Files\Lavasoft
2007-08-26 21:04 <DIR> d-------- C:\DOCUME~1\PAULWI~1\APPLIC~1\Lavasoft
2007-08-08 17:50 <DIR> d-------- C:\Temp
2007-08-04 00:44 <DIR> dr-h----- C:\MSOCache
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-09-01 01:14 --------- d-------- C:\DOCUME~1\PAULWI~1\APPLIC~1\ComcastToolbar
2007-08-20 13:08 --------- d-------- C:\Program Files\RGB
2007-08-11 02:12 --------- d-------- C:\Program Files\Common Files\scanner
2007-08-10 01:34 --------- d-------- C:\Program Files\Google
2007-08-10 01:27 --------- d-------- C:\Program Files\Startup Inspector for Windows
2007-08-10 01:24 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-08-10 01:23 --------- d-------- C:\Program Files\DivX
2007-08-10 01:17 --------- d-------- C:\DOCUME~1\PAULWI~1\APPLIC~1\wsInspector
2007-08-10 00:59 --------- d-------- C:\Program Files\McAfee
2007-08-09 23:51 --------- d-------- C:\DOCUME~1\CHERIC~1\APPLIC~1\Aim
2007-08-09 23:32 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-31 08:39 --------- d-------- C:\Program Files\Common Files\McAfee
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-24 12:02 33800 --a------ C:\WINDOWS\system32\drivers\mferkdk.sys
2007-07-24 07:40 79304 --a------ C:\WINDOWS\system32\drivers\mfeavfk.sys
2007-07-21 09:08 40488 --a------ C:\WINDOWS\system32\drivers\mfesmfk.sys
2007-07-21 09:08 35240 --a------ C:\WINDOWS\system32\drivers\mfebopk.sys
2007-07-21 09:08 201288 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys
2007-07-17 14:26 --------- d-------- C:\DOCUME~1\CHARSI~1\APPLIC~1\COMCASTTOOLBAR
2007-07-13 09:20 113952 --a------ C:\WINDOWS\system32\drivers\Mpfp.sys
2007-06-26 10:13 851968 --------- C:\WINDOWS\system32\dllcache\vgx.dll
2007-06-26 09:35 665600 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-26 01:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 01:08 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-19 08:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 08:31 282112 --a------ C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-15 03:12 96256 --------- C:\WINDOWS\system32\dllcache\inseng.dll
2007-06-15 03:12 616960 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-15 03:12 55808 --------- C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-15 03:12 532480 --------- C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-15 03:12 474112 --a------ C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-06-15 03:12 449024 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-15 03:12 39424 --a------ C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-06-15 03:12 357888 --a------ C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-06-15 03:12 3064320 --------- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-06-15 03:12 251904 --------- C:\WINDOWS\system32\dllcache\iepeers.dll
2007-06-15 03:12 205824 --------- C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-06-15 03:12 16384 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-15 03:12 151040 --------- C:\WINDOWS\system32\dllcache\cdfview.dll
2007-06-15 03:12 1498112 --a------ C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-06-15 03:12 146432 --------- C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-15 03:12 1054208 --------- C:\WINDOWS\system32\dllcache\danim.dll
2007-06-15 03:12 1022976 --a------ C:\WINDOWS\system32\dllcache\browseui.dll
2007-06-14 05:32 18432 --------- C:\WINDOWS\system32\dllcache\iedw.exe
2007-06-13 05:23 1033216 --a------ C:\WINDOWS\explorer.exe
2007-06-13 05:23 1033216 --------- C:\WINDOWS\system32\dllcache\explorer.exe
2006-03-29 20:57 9583368 --a------ C:\DOCUME~1\PAULWI~1\DesktopDoctor1.5.1.exe
2005-08-25 12:10 9516504 --a------ C:\DOCUME~1\CHARSI~1\DesktopDoctor1.0.exe
2006-11-16 03:30:46 848 --sha-w C:\WINDOWS\SYSTEM32\KGyGaAvL.sys
((((((((((((((((((((((((((((( snapshot_2007-08-30_203628.17 )))))))))))))))))))))))))))))))))))))))))
----a-w 32,768 2007-09-01 06:16:26 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
----a-w 32,768 2007-09-01 06:16:26 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
----a-w 32,768 2007-09-01 06:16:26 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
----a-w 32,768 2007-08-31 01:26:43 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
----a-w 32,768 2007-08-31 01:26:43 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
----a-w 32,768 2007-08-31 01:26:43 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSKAgentExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe" [2005-03-23 16:33]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe" [2005-03-23 15:47]
"CTSysVol"="C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 11:43]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-08-23 19:19]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 05:08]
"DeviceDiscovery"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 21:56]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2004-11-23 14:42]
"MMTray"="C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe" [2005-03-09 19:10]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" []
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-04 02:33]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe" [2005-03-23 16:33]
"DW4"="C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [2006-04-19 09:30]
"AWMON"="C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe" [2005-05-25 12:12]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"CheckNetworkConnection"="C:\Program Files\Support.com\providerComcast\desktopdoctor.exe" /flow /flow=diagnosenetwork /trayclick=true /haveconfirmedwiring=true /haverenewed=true /haverestartedmodem=true /onrestart=true /havehealed=true /issuenumber=9a966111-ec8c-4369-be6c-74dd82ac6fe6
C:\DOCUME~1\ADMINI~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2004-08-19 17:07:20]
C:\DOCUME~1\CHARSI~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2004-08-19 17:07:20]
C:\DOCUME~1\CHERIC~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2004-08-19 17:07:20]
C:\DOCUME~1\PAULWI~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2004-08-19 17:07:20]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\STARTM~1\Programs\Startup\
DESKTOP.INI [2004-08-19 17:07:20]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"DSBrokerService"=3 (0x3)
"BITS"=3 (0x3)
"Ati HotKey Poller"=2 (0x2)
R3 atinewp2;ATI eHomeWonder, WDM Video CODEC;C:\WINDOWS\system32\DRIVERS\atinewp2.sys
R3 P17;SB Live! 24-bit;C:\WINDOWS\system32\drivers\P17.sys
Contents of the 'Scheduled Tasks' folder
2007-08-15 06:11:32 C:\WINDOWS\Tasks\McDefragTask.job - c:\program files\mcafee\mqc\QcConsol.exe
2007-08-01 06:00:02 C:\WINDOWS\Tasks\McQcTask.job - c:\program files\mcafee\mqc\QcConsol.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-09-01 01:40:00
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-09-01 1:40:55 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-01 01:40
C:\ComboFix2.txt ... 2007-08-30 20:36
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 1:44:37 AM, on 9/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.comcast.net/toolbar2.0/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.comcast.net/toolbar2.0/search/
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~2.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~2.DLL
O4 - HKLM\..\Run: [MSKAgentExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKCU\..\RunOnce: [CheckNetworkConnection] "C:\Program Files\Support.com\providerComcast\desktopdoctor.exe" /flow /flow=diagnosenetwork /trayclick=true /haveconfirmedwiring=true /haverenewed=true /haverestartedmodem=true /onrestart=true /havehealed=true /issuenumber=9a966111-ec8c-4369-be6c-74dd82ac6fe6
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} -
http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} -
http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} -
http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/share ... cgdmgr.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
Ad-Aware SE Plus
Adobe Reader 7.0
AIM 6.0
ATI Display Driver
Comcast Rhapsody
Comcast Toolbar
Creative MediaSource
Dell Driver Reset Tool
DellSupport
HijackThis 1.99.1
Hotfix for Windows XP (KB896344)
hp deskjet 3600
hp deskjet 3600 series
HP Memories Disc
HP Photo and Imaging 2.0 - Deskjet Series
HP Update
Image Resizer Powertoy for Windows XP
Intel Application Accelerator
Intel(R) 537EP V9x DF PCI Modem
Internet Explorer Default Page
iTunes
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 2
Macromedia Flash Player
McAfee SecurityCenter
McAfee SpamKiller
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft Office Excel Viewer 2003
Microsoft Office XP Professional with FrontPage
Microsoft PowerPoint Viewer 97
Modem Event Monitor
Modem Helper
Modem On Hold
Musicmatch® Jukebox
Picture Package
PowerDVD 5.3
QuickTime
RealPlayer Basic
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Sonic Encoders
Sony USB Driver
Sound Blaster Live! 24-bit
The Weather Channel Desktop
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Viewpoint Media Player
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086