combofix
ComboFix 08-02-20.1 - paugey 2008-02-19 13:37:33.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1599 [GMT -5:00]
Running from: C:\Documents and Settings\paugey\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\paugey\Application Data\WinTouch\WinTouch.exe
C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\xwhceluz.dll
C:\WINDOWS\system32\yayvttu.dll
C:\Documents and Settings\All Users\Application Data\salesmonitor
C:\Documents and Settings\All Users\Desktop\AVSystemCare.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\AVSystemCare
C:\Documents and Settings\All Users\Start Menu\Programs\AVSystemCare\AVSystemCare.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\AVSystemCare\Contact Customer Support.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\AVSystemCare\Uninstall AVSystemCare.lnk
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon
C:\Documents and Settings\NetworkService\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon\log.txt
C:\Documents and Settings\paugey\Application Data\AVSystemCare
C:\Documents and Settings\paugey\Application Data\AVSystemCare\avtasks.dat
C:\Documents and Settings\paugey\Application Data\AVSystemCare\Logs\av.log
C:\Documents and Settings\paugey\Application Data\AVSystemCare\Logs\ga6Support.log
C:\Documents and Settings\paugey\Application Data\AVSystemCare\Logs\update.log
C:\Documents and Settings\paugey\Application Data\DOBE~1
C:\Documents and Settings\paugey\Application Data\DOBE~1\?dobe\
C:\Documents and Settings\paugey\Application Data\DOBE~1\cmd.exe
C:\Documents and Settings\paugey\Application Data\FNTS~1
C:\Documents and Settings\paugey\Application Data\FNTS~1\??anregw.exe
C:\Documents and Settings\paugey\Application Data\WinTouch\wintouch.cfg
C:\Documents and Settings\paugey\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\paugey\Application Data\WinTouch\WTUninstaller.exe
C:\Documents and Settings\paugey\ResErrors.log
C:\Documents and Settings\paugey\Start Menu\Programs\Outerinfo
C:\Documents and Settings\paugey\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\paugey\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Program Files\AVSystemCare
C:\Program Files\AVSystemCare\Activate.exe
C:\Program Files\AVSystemCare\Config\pgs.xml
C:\Program Files\AVSystemCare\Dat\Activate.dat
C:\Program Files\AVSystemCare\Dat\BkSites.dat
C:\Program Files\AVSystemCare\Dat\bnlink.dat
C:\Program Files\AVSystemCare\Dat\incmp.dat
C:\Program Files\AVSystemCare\Dat\index.dat
C:\Program Files\AVSystemCare\Dat\pv.dat
C:\Program Files\AVSystemCare\Engines\AWBase\database\enemies.dat
C:\Program Files\AVSystemCare\Engines\AWBase\vbpv.dat
C:\Program Files\AVSystemCare\Engines\PGBase\vbpv.dat
C:\Program Files\AVSystemCare\Engines\plugins\BORLNDMM.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANADWR.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANBCDR.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANDLDR.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANDOS1.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANEMUL.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANFUNC.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANKRNL.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANMCR1.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANOTHR.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANSCR.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANTOOL.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANTROJ.DLL
C:\Program Files\AVSystemCare\Engines\plugins\SCANWIN1.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UNACPU.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UNADBX.DLL
C:\Program Files\AVSystemCare\Engines\plugins\unamscan.dll
C:\Program Files\AVSystemCare\Engines\plugins\UNMIME.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UNPACK.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UNPACKS.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UNPACKS2.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UNPEPACK.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UpDate\UA27601.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UpDate\UA27602.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UpDate\UA27603.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UpDate\UA27604.DLL
C:\Program Files\AVSystemCare\Engines\plugins\UpDate\UADAILY.DLL
C:\Program Files\AVSystemCare\Engines\plugins\vbpv.dat
C:\Program Files\AVSystemCare\FMTR.sys
C:\Program Files\AVSystemCare\fopnl.dll
C:\Program Files\AVSystemCare\FWSettings.bin
C:\Program Files\AVSystemCare\GA6PAX.ocx
C:\Program Files\AVSystemCare\GA6PAX.xml
C:\Program Files\AVSystemCare\Graphics\cross.gif
C:\Program Files\AVSystemCare\Graphics\ga6p.gif
C:\Program Files\AVSystemCare\Graphics\kb.url
C:\Program Files\AVSystemCare\Graphics\main.ico
C:\Program Files\AVSystemCare\Graphics\mini.ico
C:\Program Files\AVSystemCare\Graphics\Online.url
C:\Program Files\AVSystemCare\Graphics\rm.url
C:\Program Files\AVSystemCare\Graphics\support.ico
C:\Program Files\AVSystemCare\Graphics\Support.url
C:\Program Files\AVSystemCare\Graphics\uninstall.ico
C:\Program Files\AVSystemCare\history.db
C:\Program Files\AVSystemCare\LA\lapv.dat
C:\Program Files\AVSystemCare\LA\License.rtf
C:\Program Files\AVSystemCare\pgs.exe
C:\Program Files\AVSystemCare\ResErrors.log
C:\Program Files\AVSystemCare\Restart.exe
C:\Program Files\AVSystemCare\rpt.dll
C:\Program Files\AVSystemCare\RTasks.exe
C:\Program Files\AVSystemCare\scnkrnl.dll
C:\Program Files\AVSystemCare\settings.ini
C:\Program Files\AVSystemCare\sqlite3.dll
C:\Program Files\AVSystemCare\sr.log
C:\Program Files\AVSystemCare\Tools\IEFWBHO.dll
C:\Program Files\AVSystemCare\Tools\pg.dll
C:\Program Files\AVSystemCare\unins000.dat
C:\Program Files\AVSystemCare\unins000.exe
C:\Program Files\AVSystemCare\Up\ASupdater.dat
C:\Program Files\AVSystemCare\Up\gup.exe
C:\Program Files\AVSystemCare\Up\PGupdater.dat
C:\Program Files\AVSystemCare\Up\UBupdater.dat
C:\Program Files\AVSystemCare\Up\up.dat
C:\Program Files\AVSystemCare\Up\updater.dat
C:\Program Files\Common Files\AVSystemCare
C:\Program Files\Common Files\AVSystemCare\bm.exe
C:\Program Files\Common Files\AVSystemCare\ugcw.exe
C:\Program Files\Common Files\Yazzle1281OinAdmin.exe
C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe
C:\Program Files\inetget2
C:\Program Files\Internet Explorer\qukatojy.dll
C:\Program Files\Internet Explorer\qukatojy19.dll
C:\Program Files\Internet Explorer\qukatojy544.dll
C:\Program Files\Internet Explorer\qukatojy636.dll
C:\Program Files\network monitor
C:\Program Files\network monitor\netmon.exe
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Program Files\outerinfo\FF\components\FF.dll
C:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\outerinfo\FF\install.rdf
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\Router
C:\Program Files\Router\Router.exe
C:\Program Files\Router\UnInstall.exe
C:\Program Files\Temporary
C:\Program Files\Temporary\InsiDERIns.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\isgTi19
C:\Temp\isgTi19\lPig.log
C:\WINDOWS\b104.exe
C:\WINDOWS\b116.exe
C:\WINDOWS\b138.exe
C:\WINDOWS\b151.exe
C:\WINDOWS\b153.exe
C:\WINDOWS\cGF1Z2V5\
C:\WINDOWS\cGF1Z2V5\\asappsrv.dll
C:\WINDOWS\cGF1Z2V5\\command.exe
C:\WINDOWS\cGF1Z2V5\\w3IYtZpc.vbs
C:\WINDOWS\cGF1Z2V5\command.exe
C:\WINDOWS\Downloaded Program Files\UGA6P_0001_N122M0611NetInstaller.exe
C:\WINDOWS\mrofinu1000106.exe
C:\WINDOWS\mrofinu572.exe
C:\WINDOWS\system32\a1
C:\WINDOWS\system32\a1\tliamdll2.exe
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\bip.dll
C:\WINDOWS\system32\bsbioakt.ini
C:\WINDOWS\system32\cbxxxvv.dll
C:\WINDOWS\system32\cxxcjdtw.ini
C:\WINDOWS\system32\drivers\fmtr.sys
C:\WINDOWS\system32\edmkcsmt.dll
C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\iifefgg.dll
C:\WINDOWS\system32\jkklj.dll
C:\WINDOWS\system32\k5
C:\WINDOWS\system32\k5\thgd2241dll.exe
C:\WINDOWS\system32\lcwmpwnm.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nGpxx01
C:\WINDOWS\system32\nGpxx01\nGpxx011065.exe
C:\WINDOWS\system32\p9
C:\WINDOWS\system32\p9\liopud89104.exe
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\ssqonlk.dll
C:\WINDOWS\system32\tkaoibsb.dll
C:\WINDOWS\system32\v6
C:\WINDOWS\system32\vturr.dll
C:\WINDOWS\system32\w11
C:\WINDOWS\system32\w11\hiba3133.exe
C:\WINDOWS\system32\waoumbhj.dll
C:\WINDOWS\system32\windows
C:\WINDOWS\system32\wtdjcxxc.dll
C:\WINDOWS\system32\xwhceluz.dll
C:\WINDOWS\system32\xwhceluz.dllbox
C:\WINDOWS\system32\yayvttu.dll
C:\WINDOWS\system32\ycbeg.ini
C:\WINDOWS\system32\ycbeg.ini2
C:\WINDOWS\tk58.exe
C:\WINDOWS\uninstall_nmon.vbs
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_CMDSERVICE
-------\LEGACY_FMTR
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\fmtr
-------\Network Monitor
((((((((((((((((((((((((( Files Created from 2008-01-20 to 2008-02-20 )))))))))))))))))))))))))))))))
.
2008-02-18 15:03 . 2008-02-18 15:03 <DIR> d-------- C:\Program Files\xInsIDE
2008-02-17 23:25 . 2008-02-17 23:25 <DIR> d--hs---- C:\UGA6P
2008-02-17 23:25 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-17 13:27 . 2008-02-17 13:27 36,864 --a------ C:\WINDOWS\17PHolmes572.exe
2008-02-17 12:35 . 2008-02-17 12:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Rabio
2008-02-17 12:32 . 2008-02-17 12:34 <DIR> d-------- C:\Program Files\RABCO
2008-02-17 12:32 . 2008-02-17 12:36 36,864 --a------ C:\WINDOWS\mrofinu572.exe.tmp
2008-02-17 12:31 . 2008-02-20 13:45 <DIR> d-------- C:\Temp
2008-01-28 21:58 . 2008-01-28 21:58 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-28 21:58 . 2008-01-28 21:58 1,409 --a------ C:\WINDOWS\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-18 20:31 5,632 --sha-w C:\Program Files\Thumbs.db
2008-01-25 17:17 --------- d-----w C:\Program Files\Soulseek
2006-04-06 03:23 22,560 ----a-w C:\Documents and Settings\paugey\Application Data\GDIPFONTCACHEV1.DAT
2005-10-24 01:14 848 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2005-11-18 02:07 27,661 --sha-w C:\WINDOWS\system32\mllmj.dll
2005-11-18 02:07 27,661 --sha-w C:\WINDOWS\system32\pmnlm.dll
2005-11-03 01:54 28,173 --sha-w C:\WINDOWS\system32\vtstt.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1C2E5D27-A17C-4D89-85DD-3553C189380D}]
2008-01-30 14:02 414992 --a------ C:\Program Files\RABCO\RABCO.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3A455DF1-4CE1-44F4-AC65-EB21B9C33D95}]
2008-02-07 20:07 217088 --a------ C:\Program Files\Messenger\dipurexo89104.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2005-02-17 10:18 24576 C:\WINDOWS\MIDIDEF.EXE]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"Sen"="C:\DOCUME~1\paugey\APPLIC~1\DOBE~1\cmd.exe" [ ]
"Kgk"="C:\Documents and Settings\paugey\Application Data\F?nts\??anregw.exe" [ ]
"xInsIDE"="C:\Program Files\xInsIDE\xInsIDE.exe" [2008-02-18 15:03 53248]
"Router"="C:\Program Files\Router\Router.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-02-15 15:02 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-02-15 15:02 126976]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 01:05 127035]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\Quickset.exe" [2005-03-04 11:26 606208]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-09-16 08:43 274432]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-09-23 14:58 155648]
"CTHelper"="CTHELPER.EXE" [2005-02-17 10:23 14848 C:\WINDOWS\CTHELPER.EXE]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50 221184]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2005-12-19 10:08 1347584]
C:\Documents and Settings\paugey\Start Menu\Programs\Startup\
RABCO - Auto Update.lnk - C:\Program Files\RABCO\RABCOse.exe [2008-02-17 12:31:59 183216]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljjk]
C:\WINDOWS\system32\mljjk.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
--a------ 2004-09-13 16:33 155648 C:\Program Files\Apoint\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BuildBU]
--a------ 2005-09-05 22:35 61440 c:\dell\bldbubg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
--a------ 2005-03-04 11:26 606208 C:\Program Files\Dell\QuickSet\quickset.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a------ 2005-05-15 02:04 332800 C:\Program Files\Dell Support\DSAgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--------- 2005-02-23 16:19 53248 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
C:\Program Files\Norton Internet Security\cfgwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2004-07-27 16:50 221184 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2004-07-27 16:50 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
C:\Program Files\Dell\Media Experience\PCMService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2005-09-23 14:58 155648 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2003-11-19 17:48 32881 C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
S3 MSControlService;Microsoft cache control;C:\WINDOWS\system32\windows []
S3 USBNET_XP;Instant Wireless XP USB Network Adapter ver.2.6 Driver;C:\WINDOWS\system32\DRIVERS\netusbxp.sys [2002-02-19 13:34]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-20 14:15:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\RABCO\X_RABCOse.exe
.
**************************************************************************
.
Completion time: 2008-02-20 14:17:51 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-20 19:17:48
.
2008-02-13 02:49:43 --- E O F ---
hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:22:10 PM, on 2/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\xInsIDE\xInsIDE.exe
C:\Program Files\RABCO\X_RABCOse.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\HijackThis\removal.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.wikipedia.org/wiki/Main_Page
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RabioBHO - {1C2E5D27-A17C-4D89-85DD-3553C189380D} - C:\Program Files\RABCO\RABCO.dll
O2 - BHO: (no name) - {3A455DF1-4CE1-44F4-AC65-EB21B9C33D95} - C:\Program Files\Messenger\dipurexo89104.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sen] "C:\DOCUME~1\paugey\APPLIC~1\DOBE~1\cmd.exe" -vt yazb
O4 - HKCU\..\Run: [Kgk] "C:\Documents and Settings\paugey\Application Data\F?nts\??anregw.exe"
O4 - HKCU\..\Run: [xInsIDE] C:\Program Files\xInsIDE\xInsIDE.exe
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - Startup: RABCO - Auto Update.lnk = C:\Program Files\RABCO\RABCOse.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.avsystemcare.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O20 - Winlogon Notify: mljjk - C:\WINDOWS\system32\mljjk.dll (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows (file missing)
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 4753 bytes