COMBO FIX
ComboFix 08-06-20.4 - Administrator 2008-06-26 22:19:01.1 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.527 [GMT -4:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\C\WINDOWS\BM0ff84c96.xml
C:\C\WINDOWS\pskt.ini
C:\C\WINDOWS\system32\byXOhIxU.dll
C:\C\WINDOWS\system32\drivers\npf.sys
C:\C\WINDOWS\system32\lxaemiuj.ini
C:\C\WINDOWS\system32\mcrh.tmp
C:\C\WINDOWS\system32\oaoypstc.ini
C:\C\WINDOWS\system32\packet.dll
C:\C\WINDOWS\system32\pthreadVC.dll
C:\C\WINDOWS\system32\pupwqquo.ini
C:\C\WINDOWS\system32\TssBayxx.ini
C:\C\WINDOWS\system32\TssBayxx.ini2
C:\C\WINDOWS\system32\ucisyqkp.ini
C:\C\WINDOWS\system32\UxIhOXyb.ini
C:\C\WINDOWS\system32\UxIhOXyb.ini2
C:\C\WINDOWS\system32\wanpacket.dll
C:\C\WINDOWS\system32\wmhtmukp.ini
C:\C\WINDOWS\system32\wmqpkidf.ini
C:\C\WINDOWS\system32\wpcap.dll
C:\C\WINDOWS\system32\wuqmfmbu.ini
C:\C\WINDOWS\system32\xxyaBssT.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2008-05-27 to 2008-06-27 )))))))))))))))))))))))))))))))
.
2008-06-25 18:45 . 2008-06-25 18:45 106,496 --a------ C:\C\WINDOWS\system32\vnanqidt.dll
2008-06-25 18:42 . 2008-06-25 18:42 81,920 --a------ C:\C\WINDOWS\system32\pkumthmw.dll
2008-06-25 18:39 . 2008-06-25 18:39 91,136 --a------ C:\C\WINDOWS\system32\nvsuikpa.dll
2008-06-24 20:14 . 2008-06-24 20:14 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools
2008-06-24 18:40 . 2008-06-24 18:40 99,840 --a------ C:\C\WINDOWS\system32\qxyxsxvg.dll
2008-06-24 18:38 . 2008-06-24 18:38 91,136 --a------ C:\C\WINDOWS\system32\crjdimbl.dll
2008-06-24 18:14 . 2008-06-24 18:14 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-24 17:43 . 2008-06-24 17:43 <DIR> d-------- C:\Program Files\Unlocker
2008-06-24 17:43 . 2008-06-24 17:43 <DIR> d-------- C:\Documents and Settings\Christopher Benitez\Application Data\Desktopicon
2008-06-24 17:31 . 2008-06-24 17:31 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-24 17:29 . 2008-06-24 17:29 <DIR> d-------- C:\VundoFix Backups
2008-06-24 16:59 . 2008-06-24 16:59 99,840 --a------ C:\C\WINDOWS\system32\rkfpmwld.dll
2008-06-24 16:53 . 2008-06-24 16:53 91,136 --a------ C:\C\WINDOWS\system32\svyqxxua.dll
2008-06-23 22:17 . 2008-06-23 22:19 <DIR> d-------- C:\Documents and Settings\Administrator
2008-06-23 15:23 . 2008-06-23 15:23 105,984 --a------ C:\C\WINDOWS\system32\joltlavc.dll
2008-06-23 15:21 . 2008-06-23 15:21 81,408 --a------ C:\C\WINDOWS\system32\pkqysicu.dll
2008-06-23 15:20 . 2008-06-23 15:21 91,136 --a------ C:\C\WINDOWS\system32\mnhegwbc.dll
2008-06-22 15:44 . 2008-06-22 15:44 <DIR> d-------- C:\Documents and Settings\Christopher Benitez\Application Data\SPORE Creature Creator
2008-06-22 15:37 . 2008-06-22 15:37 107,888 --a------ C:\C\WINDOWS\system32\CmdLineExt.dll
2008-06-22 15:25 . 2008-06-22 15:25 99,328 --a------ C:\C\WINDOWS\system32\iemgxfbu.dll
2008-06-22 15:20 . 2008-06-22 15:20 111,616 --a------ C:\C\WINDOWS\system32\fajbdkqd.exe
2008-06-22 15:20 . 2008-06-22 15:20 90,624 --a------ C:\C\WINDOWS\system32\vdwvohxf.dll
2008-06-22 13:56 . 2008-06-22 13:56 <DIR> d-------- C:\ProgramData
2008-06-22 13:56 . 2008-06-22 13:56 2,694 --a------ C:\C\WINDOWS\system32\ealregsnapshot1.reg
2008-06-22 13:52 . 2008-06-22 13:57 <DIR> d-------- C:\Program Files\Electronic Arts
2008-06-20 20:20 . 2008-06-20 20:20 79,872 --------- C:\C\WINDOWS\system32\ctspyoao.dll
2008-06-15 23:52 . 2008-06-15 23:52 0 --a------ C:\C\WINDOWS\PowerReg.dat
2008-06-15 23:48 . 2008-06-15 23:48 <DIR> d-------- C:\Program Files\Infogrames Interactive
2008-06-15 19:09 . 2008-06-15 19:09 <DIR> d-------- C:\Documents and Settings\Christopher Benitez\Application Data\Leadertech
2008-06-15 18:47 . 2008-06-15 18:47 <DIR> d-------- C:\Program Files\Atari
2008-06-13 14:49 . 2008-06-13 14:49 <DIR> d-------- C:\Program Files\MegauploadToolbar
2008-06-13 14:49 . 2008-06-13 14:53 <DIR> d-------- C:\Documents and Settings\Christopher Benitez\Application Data\MegauploadToolbar
2008-06-11 11:41 . 2008-06-13 09:10 272,128 --------- C:\C\WINDOWS\system32\drivers\bthport.sys
2008-06-11 11:41 . 2008-06-13 09:10 272,128 -----c--- C:\C\WINDOWS\system32\dllcache\bthport.sys
2008-06-03 14:28 . 2008-06-03 14:28 <DIR> d-------- C:\Logs
2008-06-03 12:44 . 2008-06-10 18:12 <DIR> d-------- C:\Program Files\World of Warcraft
2008-06-02 15:16 . 2008-06-02 15:16 <DIR> d-------- C:\Nexon
2008-06-02 15:16 . 2008-06-02 15:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NexonUS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-25 20:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-16 14:51 --------- d-----w C:\Program Files\Rockstar Games
2008-06-14 15:08 --------- d-----w C:\Documents and Settings\Christopher Benitez\Application Data\LimeWire
2008-06-13 22:17 --------- d-----w C:\Program Files\EA GAMES
2008-06-03 18:28 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2008-05-27 23:44 --------- d-----w C:\Program Files\MAIET
2008-05-19 20:00 --------- d-----w C:\Program Files\Veoh Networks
2008-05-08 12:28 202,752 ----a-w C:\C\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 23:37 --------- d-----w C:\Program Files\City of Heroes
2008-05-06 22:38 --------- d-----w C:\Program Files\StepMania
2008-03-17 01:59 22,328 ----a-w C:\Documents and Settings\Christopher Benitez\Application Data\PnkBstrK.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2e3b5645-23dc-4295-a28b-ac0dfb4fb0fe}]
2008-06-25 18:45 106496 --a------ C:\C\WINDOWS\system32\vnanqidt.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\C\WINDOWS\system32\ctfmon.exe" [2006-02-28 08:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\C\WINDOWS\system32\igfxtray.exe" [2007-04-27 19:12 155648]
"HotKeysCmds"="C:\C\WINDOWS\system32\hkcmd.exe" [2007-04-27 19:12 126976]
"HPDJ Taskbar Utility"="C:\C\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2006-01-06 15:07 188416]
"HPHmon04"="C:\C\WINDOWS\system32\hphmon04.exe" [2006-01-06 15:07 348160]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 19:05 734264]
"0ccb7f0a"="C:\C\WINDOWS\system32\pkumthmw.dll" [2008-06-25 18:42 81920]
"BM0ff84c96"="C:\C\WINDOWS\system32\nvsuikpa.dll" [2008-06-25 18:39 91136]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtUonKcc]
vtUonKcc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=joltlavc.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\C\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\C\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
C:\Program Files\AIM6\aim6.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-03-21 04:30 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
--a------ 2008-05-16 18:16 2732032 C:\Program Files\Electronic Arts\EADM\Core.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD04]
C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-12-11 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-12-11 11:56 286720 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2007-04-27 16:49 577536 C:\C\WINDOWS\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-03-14 03:43 83608 C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2008-05-02 00:15 15872 C:\Program Files\Unlocker\UnlockerAssistant.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-05-08 16:53 3640368 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--------- 2006-10-18 20:05 204288 C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2 Trial Version\\zt2demoretail.exe"=
"C:\\C\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\C\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"C:\Nexon\Combat Arms\CombatArms.exe"= C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms\Engine.exe"= C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
S3 XDva120;XDva120;C:\C\WINDOWS\system32\XDva120.sys []
.
Contents of the 'Scheduled Tasks' folder
"2007-07-15 05:36:49 C:\C\WINDOWS\Tasks\McDefragTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe)
"2008-03-01 06:00:06 C:\C\WINDOWS\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
"2007-05-06 17:35:42 C:\C\WINDOWS\Tasks\MP Scheduled Quick Scan.job"
- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe%Scan -RestrictPrivileges -ScanType 1
"2008-06-25 22:00:02 C:\C\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-06-26 19:50:02 C:\C\WINDOWS\Tasks\User_Feed_Synchronization-{0BC480E0-8D52-42E9-991E-DE95FF4EB36B}.job"
- C:\C\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-26 22:27:46
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSSdk23]
"ImagePath"="\??\C:\C\WINDOWS\system32\Drivers\PsSdk23.drv"
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
.
**************************************************************************
.
Completion time: 2008-06-26 22:33:55 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-27 02:33:51
Pre-Run: 20,414,816,256 bytes free
Post-Run: 20,348,805,120 bytes free
205 --- E O F --- 2008-06-21 22:42:45
Uninstall list
7-Zip 4.57
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.2
Adobe Shockwave Player
Apple Mobile Device Support
Apple Software Update
CEP - Color Enable Package
City of Heroes (remove only)
Civ3 Conquests v1.22 Full
Civilization III Complete Edition
Combat Arms
Comcast High-Speed Internet Install Wizard
Cruise Ship Tycoon
DivX Web Player
EA Download Manager
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Grand Theft Auto Vice City
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Intel(R) Extreme Graphics Driver
iTunes
J2SE Runtime Environment 5.0 Update 3
Java(TM) SE Runtime Environment 6 Update 1
LimeWire 4.14.10
McAfee SecurityCenter
Megaupload Toolbar
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Xbox 360 Accessories 1.1
Mozilla Firefox (3.0)
Mozilla Firefox (3.0b1)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
Network Addon Mod Version June 2007
Norton Security Scan
Opera 9.21
Paint.NET v3.10
Photosmart 130,230,7150,7345,7350,7550 (Remove only)
PLAYSTATION(R)Network Downloader
Project64 1.6
PunkBuster Services
QuickTime
Realtek AC'97 Audio
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Wacky Worlds
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Seven Kingdoms II
SimCity 4 Deluxe
SPORE™ Creature Creator Trial Edition
StepMania (remove only)
System Requirements Lab
TaxACT 2007
The Sims 2
The Sims Superstar
Unlocker 1.8.7
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB914882)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
VeohTV BETA
Viewpoint Media Player
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinPcap 3.1
WinRAR archiver
World of Warcraft
XBC 5.1
XBCD 1.07
XBCD 360 0.2.5
XBCD Uninstaller
Xbox 360 Controller for Windows
Yahoo! Install Manager
Yahoo! Internet Mail
Zoo Tycoon 2 Trial Version
New HiJackThis list
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:40 PM, on 6/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Safe mode with network support
Running processes:
C:\C\WINDOWS\System32\smss.exe
C:\C\WINDOWS\system32\winlogon.exe
C:\C\WINDOWS\system32\services.exe
C:\C\WINDOWS\system32\lsass.exe
C:\C\WINDOWS\system32\svchost.exe
C:\C\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\C\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\C\WINDOWS\system32\notepad.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: {ef0bf4bf-d0ca-b82a-5924-cd325465b3e2} - {2e3b5645-23dc-4295-a28b-ac0dfb4fb0fe} - C:\C\WINDOWS\system32\vnanqidt.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\C\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\C\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\C\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\C\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [0ccb7f0a] rundll32.exe "C:\C\WINDOWS\system32\pkumthmw.dll",b
O4 - HKLM\..\Run: [BM0ff84c96] Rundll32.exe "C:\C\WINDOWS\system32\nvsuikpa.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\C\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/ ... 586-jc.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O20 - AppInit_DLLs: joltlavc.dll
O20 - Winlogon Notify: vtUonKcc - vtUonKcc.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPH11 - HP - C:\C\WINDOWS\system32\HPHipm11.exe
O23 - Service: PnkBstrA - Unknown owner - C:\C\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 6109 bytes