Combofixlog:
ComboFix 08-01-18.4 - Alex 2008-01-17 23:30:02.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.252 [GMT -5:00]
Running from: C:\Documents and Settings\Alex\desktop\combofix.exe
Command switches used :: /killall
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Alex\Favorites\Online Security Guide.lnk
C:\Documents and Settings\All Users.\documents\settings
C:\WINDOWS\cookies.ini
C:\WINDOWS\search_res.txt
C:\WINDOWS\system32\3_exception.nls
C:\WINDOWS\system32\aftpptex.ini
C:\WINDOWS\system32\ajrqabsq.dll
C:\WINDOWS\system32\aweqmihp.ini
C:\WINDOWS\system32\awtqn.dll
C:\WINDOWS\system32\bcnfghyl.dllbox
C:\WINDOWS\system32\bdltnpwe.dll
C:\WINDOWS\system32\config\system~1\Applic~1\Microsoft\25319.dat
C:\WINDOWS\system32\csadxtfd.dll
C:\WINDOWS\system32\dftxdasc.ini
C:\WINDOWS\system32\doscbmvk.ini
C:\WINDOWS\system32\drivers\ctl_w32.sys
C:\WINDOWS\system32\duucomck.dll
C:\WINDOWS\system32\etirdqrn.dll
C:\WINDOWS\system32\ewpntldb.ini
C:\WINDOWS\system32\exyrcptt.dll
C:\WINDOWS\system32\ffcsewql.dll
C:\WINDOWS\system32\fixdlatt.dll
C:\WINDOWS\system32\haeohjwk.ini
C:\WINDOWS\system32\hajnlepi.dll
C:\WINDOWS\system32\hyxorffs.dll
C:\WINDOWS\system32\igkasofn.dll
C:\WINDOWS\system32\ipdjiein.ini
C:\WINDOWS\system32\ipelnjah.ini
C:\WINDOWS\system32\iuikydhl.dll
C:\WINDOWS\system32\kcmocuud.ini
C:\WINDOWS\system32\kvmbcsod.dll
C:\WINDOWS\system32\kwjhoeah.dll
C:\WINDOWS\system32\lgmkkcdr.ini
C:\WINDOWS\system32\lmyrcsgw.dll
C:\WINDOWS\system32\loaeroxr.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mcxrcwqs.ini
C:\WINDOWS\system32\mffajkiu.dll
C:\WINDOWS\system32\muxnhgtn.dll
C:\WINDOWS\system32\nbjdtmsp.ini
C:\WINDOWS\system32\nieijdpi.dll
C:\WINDOWS\system32\nnkdapym.dll
C:\WINDOWS\system32\noukcfrt.dll
C:\WINDOWS\system32\nqtwa.ini
C:\WINDOWS\system32\nqtwa.ini2
C:\WINDOWS\system32\nrqdrite.ini
C:\WINDOWS\system32\nsiesups.dll
C:\WINDOWS\system32\oeqnbngv.dll
C:\WINDOWS\system32\phimqewa.dll
C:\WINDOWS\system32\psmtdjbn.dll
C:\WINDOWS\system32\qkblfnyy.dll
C:\WINDOWS\system32\qukeexss.exe
C:\WINDOWS\system32\rlnolnhm.dllbox
C:\WINDOWS\system32\rpekkdmx.ini
C:\WINDOWS\system32\rpfwsqew.ini
C:\WINDOWS\system32\RunOnce.t__
C:\WINDOWS\system32\RunOnce.tmp
C:\WINDOWS\system32\sefphxeo.dll
C:\WINDOWS\system32\sffroxyh.ini
C:\WINDOWS\system32\spuseisn.ini
C:\WINDOWS\system32\sqwcrxcm.dll
C:\WINDOWS\system32\tsuqngqo.dll
C:\WINDOWS\system32\ttaldxif.ini
C:\WINDOWS\system32\ttpcryxe.ini
C:\WINDOWS\system32\ubqcfqjk.dllbox
C:\WINDOWS\system32\ufoneruq.dll
C:\WINDOWS\system32\uhsnuani.dll
C:\WINDOWS\system32\uikjaffm.ini
C:\WINDOWS\system32\update236.exe
C:\WINDOWS\system32\vgajxqlv.ini
C:\WINDOWS\system32\vlovwojp.dll
C:\WINDOWS\system32\vlqxjagv.dll
C:\WINDOWS\system32\vydrcyjc.dll
C:\WINDOWS\system32\wcxdwucw.dll
C:\WINDOWS\system32\weqswfpr.dll
C:\WINDOWS\system32\wnxhtcgp.dll
C:\WINDOWS\system32\wufnmkjx.ini
C:\WINDOWS\system32\xehrxtya.dll
C:\WINDOWS\system32\xetpptfa.dll
C:\WINDOWS\system32\xiwwifuv.dll
C:\WINDOWS\system32\xjkmnfuw.dll
C:\WINDOWS\system32\xmbmquby.ini
C:\WINDOWS\system32\xmdkkepr.dll
C:\WINDOWS\system32\ybuqmbmx.dll
C:\WINDOWS\system32\yfejxeuy.ini
C:\WINDOWS\system32\yoowcxgl.dll
C:\WINDOWS\system32\yuexjefy.dll
C:\WINDOWS\system32\yynflbkq.ini
C:\WINDOWS\Temp\350747274.exe
C:\WINDOWS\Temp\80.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_CTL_W32
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_MICROSOFT_INET_SERVICE
-------\LEGACY_NDISWON
-------\LEGACY_SMTPDRV
-------\DomainService
-------\Microsoft Inet Service
-------\NdisWon
-------\runtime
((((((((((((((((((((((((( Files Created from 2007-12-18 to 2008-01-18 )))))))))))))))))))))))))))))))
.
2008-01-17 23:23 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-16 16:34 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-16 16:34 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-16 16:34 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-16 16:34 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-16 16:34 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-16 16:34 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-16 16:34 . 2008-01-16 16:34 1,512 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-13 20:01 . 2008-01-17 23:08 16,708 --a------ C:\WINDOWS\BM578d0c49.xml
2008-01-13 20:01 . 2008-01-17 20:21 22 --a------ C:\WINDOWS\pskt.ini
2008-01-13 19:39 . 2008-01-13 19:50 236,676 --a------ C:\WINDOWS\XSite Pro Uninstaller.exe
2008-01-13 19:38 . 2008-01-14 17:07 <DIR> d-------- C:\Program Files\XSite Pro
2008-01-13 19:38 . 2008-01-13 19:38 <DIR> d-------- C:\Program Files\Common Files\Thraex Software
2008-01-06 18:34 . 2008-01-06 18:34 <DIR> d-------- C:\Program Files\Affiliates Den
2007-12-31 17:18 . 2007-12-31 17:26 <DIR> d-------- C:\Program Files\Keyword Companion
2007-12-28 21:52 . 2007-12-28 21:52 <DIR> d-------- C:\Documents and Settings\Alex\Application Data\Nvu
2007-12-28 21:51 . 2007-12-28 21:51 <DIR> d-------- C:\Program Files\Nvu
2007-12-28 20:32 . 2008-01-03 18:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-12-28 20:25 . 2007-12-28 20:25 <DIR> d-------- C:\Program Files\Bonjour
2007-12-28 20:12 . 2007-12-28 20:12 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2007-12-25 15:25 . 2007-12-25 15:25 <DIR> d-------- C:\Program Files\GnuWin32
2007-12-19 20:07 . 2007-12-21 12:50 714 --ahs---- C:\WINDOWS\system32\eamwpnjr.ini
2007-12-18 20:15 . 2007-12-19 17:10 414 --ahs---- C:\WINDOWS\system32\pywmekhh.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-18 04:22 --------- d-----w C:\Documents and Settings\Alex\Application Data\BitTorrent DNA
2008-01-14 00:50 --------- d-----w C:\Documents and Settings\Alex\Application Data\BitTorrent
2007-12-29 01:25 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-24 22:10 --------- d-----w C:\Program Files\DivX
2007-12-08 04:18 --------- d-----w C:\Documents and Settings\Administrator\Application Data\DivX
2007-12-08 03:30 --------- d-----w C:\Program Files\Alwil Software
2007-12-06 04:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-09-09 07:33 20,328 ----a-w C:\Documents and Settings\Alex\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CD4EF2F-83B8-4DF7-B089-AC3F61C39793}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{48A33288-EFC0-4517-9D6D-B88F3517C41D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{545311FB-0BA1-4339-BE38-D3F4460EE76A}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6AAE3902-9C4D-40D5-ADF6-E939B435BDF4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{873B6543-F617-4BC0-A5AB-E478D1A55844}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9211EEDD-36F6-4E91-92A2-53EF68DBC543}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9B5E7D71-FCF3-43B5-87EA-E524E6B1C547}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9CCF0F75-B008-4407-8DD6-C67836F514C0}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ABB46EE3-AE5B-46C8-8427-4CE7ABD39138}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B062320D-8FC0-47FF-BDE1-E0463E867438}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BBB05D9E-0297-404D-A6BF-D8F2876B84A6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DFA8D324-926E-4F18-B279-04EF1D4BF88F}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7BECD68-8278-459D-989E-35AEFF34714C}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E80EB728-8385-4640-8C2C-5B685A7B3041}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE3DB37E-AED0-4B40-9B3B-67881A75400D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDE2C7B9-6B52-4541-B1F5-4ACBC2285AAA}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FE86C98E-086F-4385-9621-EC30B137ADBF}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-10-04 10:20 50528]
"BitTorrent DNA"="C:\Program Files\BitTorrent_DNA\dna.exe" [2007-10-24 14:08 286016]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007-11-13 15:48 3411968]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 10:37 2321600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"54be3fd5"="C:\WINDOWS\system32\rjnpwmae.dll" [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hggfeef]
hggfeef.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rlnolnhm]
[HKLM\~\startupfolder\C:^Documents and Settings^Alex^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Alex\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Alex^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\Alex\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Program Neighborhood Agent.lnk
backup=C:\WINDOWS\pss\Program Neighborhood Agent.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\54be3fd5]
C:\WINDOWS\system32\xetpptfa.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 03:06 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
-ra------ 2007-03-01 10:37 2321600 C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
--a------ 2007-10-04 10:20 50528 C:\Program Files\AIM6\aim6.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
--a------ 2007-09-06 06:06 79224 C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
--a------ 2007-10-24 14:08 286016 C:\Program Files\BitTorrent_DNA\dna.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-03 23:56 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-04-27 10:25 257088 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
--a------ 2006-11-17 12:39 136768 C:\Program Files\McAfee\Common Framework\UdaterUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-04-27 08:41 282624 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShStatEXE]
--a------ 2006-11-30 07:50 112216 C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2005-04-13 02:48 36975 C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-05-29 22:40 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2007-11-13 15:48 3411968 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
C:\Program Files\Save\Save.exe
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S1 ctl_w32;ctl_w32;C:\WINDOWS\system32\drivers\ctl_w32.sys []
.
Contents of the 'Scheduled Tasks' folder
"2008-01-18 02:26:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-01-17 23:42:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-17 23:44:03 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-18 04:43:59
HijackThislog:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:41:35 PM, on 1/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Alex\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: (no name) - {D4170A6E-8CE3-444B-ACA4-B3A0AF12C55C} - (no file)
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [54be3fd5] rundll32.exe "C:\WINDOWS\system32\rjnpwmae.dll",b
O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US
ee://aol/imAppO4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: hggfeef - hggfeef.dll (file missing)
O20 - Winlogon Notify: rlnolnhm - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 5240 bytes