Latest ComboFix log: ComboFix 08-08-24.02 - nakadasachiko 2008-09-09 7:53:05.4 - NTFSx86
Running from: C:\Documents and Settings\nakadasachiko\ƒfƒXƒNƒgƒbƒv\ComboFix.exe
Command switches used :: C:\Documents and Settings\nakadasachiko\ƒfƒXƒNƒgƒbƒv\CFScript.txt
* Created a new restore point
.
- REDUCED FUNCTIONALITY MODE -
FILE ::
C:\WINDOWS\Downloaded Program Files\gbn163.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Downloaded Program Files\gbn163.exe
.
((((((((((((((((((((((((( Files Created from 2008-08-08 to 2008-09-08 )))))))))))))))))))))))))))))))
.
2008-09-09 01:05 . 2008-09-09 01:05 <DIR> d-------- C:\WINDOWS\Sun
2008-09-09 01:03 . 2008-09-09 01:27 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-09 01:03 . 2008-09-09 01:03 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-09 01:02 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\SYSTEM32\javacpl.cpl
2008-09-09 00:58 . 2008-09-09 01:02 <DIR> d-------- C:\Program Files\Java
2008-09-09 00:50 . 2008-09-09 02:24 <DIR> d-------- C:\WINDOWS\SYSTEM32\CatRoot_bak
2008-08-18 01:22 . 2008-08-18 01:22 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-16 18:58 . 2008-05-01 23:30 331,776 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\msadce.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-08 20:05 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-08 20:04 --------- d-----w C:\Program Files\Spyware Doctor
2008-09-08 16:27 --------- d-----w C:\Program Files\PC Tools AntiVirus
2008-09-08 15:57 --------- d-----w C:\Program Files\Common Files\Java
2008-09-08 15:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-17 09:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-08-17 09:55 --------- d-----w C:\Program Files\Hewlett-Packard
2008-08-16 18:45 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-16 18:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-07-19 11:03 --------- d-----w C:\Program Files\XML
2008-07-19 10:49 --------- d-----w C:\Documents and Settings\nakadasachiko\Application Data\PC Tools
2008-07-19 10:48 --------- d-----w C:\Program Files\Google
2008-07-07 20:30 253,952 ----a-w C:\WINDOWS\SYSTEM32\es.dll
2008-07-07 20:30 253,952 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\es.dll
2008-06-24 16:22 74,240 ----a-w C:\WINDOWS\SYSTEM32\mscms.dll
2008-06-24 16:22 74,240 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mscms.dll
2008-06-24 01:14 3,592,192 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2008-06-23 09:22 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2008-06-23 09:22 625,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
2008-06-20 17:39 243,200 ----a-w C:\WINDOWS\SYSTEM32\mswsock.dll
2008-06-20 17:39 243,200 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mswsock.dll
2008-06-20 17:39 148,992 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip6.sys
2008-06-14 17:57 270,464 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\bthport.sys
2007-03-24 11:10 34,584 ----a-w C:\Documents and Settings\nakadasachiko\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((( snapshot@2008-08-29_10.28.50.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-08 18:20:29 145,936 ----a-w C:\WINDOWS\SYSTEM32\FNTCACHE.DAT
+ 2008-09-08 15:14:49 145,936 ----a-w C:\WINDOWS\SYSTEM32\FNTCACHE.DAT
+ 2008-06-09 16:21:01 135,168 ----a-w C:\WINDOWS\SYSTEM32\java.exe
+ 2008-06-09 16:21:04 135,168 ----a-w C:\WINDOWS\SYSTEM32\javaw.exe
+ 2008-06-09 17:32:34 139,264 ----a-w C:\WINDOWS\SYSTEM32\javaws.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 16:55 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 16:55 208952]
"PHIME2002ASync"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 14:32 455168]
"PHIME2002A"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 14:32 455168]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2002-06-20 02:14 155648]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2002-06-20 02:05 114688]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2002-08-01 14:43 126976]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2002-08-01 14:43 557056]
"imjpmig"="C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe" [2003-09-03 12:33 192591]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2003-03-13 04:52 77824]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 09:46 497200]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 10:34 614960]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 10:33 243248]
"PCTAVApp"="C:\Program Files\PC Tools AntiVirus\PCTAV.exe" [2008-03-05 09:37 1238928]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-02-01 12:55 1103240]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"PCTVOICE"="pctspk.exe" [2002-10-11 00:39 163840 C:\WINDOWS\SYSTEM32\pctspk.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 16:55 15360]
C:\Documents and Settings\All Users\ƒXƒ^[ƒg ƒƒjƒ…[\ƒvƒƒOƒ‰ƒ€\ƒXƒ^[ƒgƒAƒbƒv\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
QuickShelf.lnk - C:\Program Files\Microsoft Reference\Microsoft Bookshelf 3.0\qshelf.exe [2000-12-20 19:06:16 36911]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.HFYU"= huffyuv.dll
"vidc.xvid"= xvid.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^ƒXƒ^[ƒg ƒƒjƒ…[^ƒvƒƒOƒ‰ƒ€^ƒXƒ^[ƒgƒAƒbƒv^Date Manager.lnk]
path=C:\Documents and Settings\All Users\ƒXƒ^[ƒg ƒƒjƒ…[\ƒvƒƒOƒ‰ƒ€\ƒXƒ^[ƒgƒAƒbƒv\Date Manager.lnk
backup=C:\WINDOWS\pss\Date Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^ƒXƒ^[ƒg ƒƒjƒ…[^ƒvƒƒOƒ‰ƒ€^ƒXƒ^[ƒgƒAƒbƒv^GStartup.lnk]
path=C:\Documents and Settings\All Users\ƒXƒ^[ƒg ƒƒjƒ…[\ƒvƒƒOƒ‰ƒ€\ƒXƒ^[ƒgƒAƒbƒv\GStartup.lnk
backup=C:\WINDOWS\pss\GStartup.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^ƒXƒ^[ƒg ƒƒjƒ…[^ƒvƒƒOƒ‰ƒ€^ƒXƒ^[ƒgƒAƒbƒv^PrecisionTime.lnk]
path=C:\Documents and Settings\All Users\ƒXƒ^[ƒg ƒƒjƒ…[\ƒvƒƒOƒ‰ƒ€\ƒXƒ^[ƒgƒAƒbƒv\PrecisionTime.lnk
backup=C:\WINDOWS\pss\PrecisionTime.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^ƒXƒ^[ƒg ƒƒjƒ…[^ƒvƒƒOƒ‰ƒ€^ƒXƒ^[ƒgƒAƒbƒv^TabUserW.exe.lnk]
path=C:\Documents and Settings\All Users\ƒXƒ^[ƒg ƒƒjƒ…[\ƒvƒƒOƒ‰ƒ€\ƒXƒ^[ƒgƒAƒbƒv\TabUserW.exe.lnk
backup=C:\WINDOWS\pss\TabUserW.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R0 hpt3xx;hpt3xx;C:\WINDOWS\system32\DRIVERS\hpt3xx.sys [2001-08-17 13:52]
R3 {A7E39B01-B403-11d4-BD18-00D0B7A1821E};AIM 3.0 Part 01 Codec Driver VCH-A;C:\WINDOWS\system32\drivers\Vch.sys [2002-06-21 18:44]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-09-09 07:55:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\ 4718592 bytes
C:\Documents and Settings\nakadasachiko\ 81920 bytes
C:\Documents and Settings\nakadasachiko\ 278 bytes
C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\C:\Documents and Settings\nakadasachiko\
C:\Documents and Settings\All Users\C:\Documents and Settings\All Users\C:\Documents and Settings\All Users\C:\Documents and Settings\All Users\C:\Documents and Settings\All Users\ 262144 bytes
C:\Documents and Settings\All Users\ 1024 bytes
C:\Documents and Settings\All Users\C:\Documents and Settings\All Users\C:\Documents and Settings\All Users\C:\Documents and Settings\All Users\
scan completed successfully
hidden files: 28
**************************************************************************
.
Completion time: 2008-09-09 8:01:11
ComboFix-quarantined-files.txt 2008-09-08 23:00:35
ComboFix2.txt 2008-09-08 15:30:54
ComboFix3.txt 2008-08-29 01:31:10
Pre-Run: 4,448,428,032 ƒoƒCƒg‚̋󂫗̈æ
Post-Run: 4,480,356,352 ƒoƒCƒg‚̋󂫗̈æ
151 --- E O F --- 2008-08-16 13:44:23
Latest HijackThis log:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:04:33, on 09/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Microsoft Reference\Microsoft Bookshelf 3.0\qshelf.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live ?T?C?g?C?g ?w???p?[ - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\ja\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\ja\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [imjpmig] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Lookup in Bookshelf -
res://C:\Program Files\Microsoft Reference\Microsoft Bookshelf 3.0\bsdef.dll/#1001
O8 - Extra context menu item: Bookshelf‚ÅŒŸõ(&L) -
res://C:\Program Files\Microsoft Reference\Microsoft Bookshelf 3.0\bsdef.dll/#1001
O8 - Extra context menu item: Microsoft Excel ‚ɃGƒNƒXƒ|[ƒg(&X) -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun ? Java ????? - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone:
http://*.update.microsoft.comO16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/200 ... taller.exeO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 1455382692O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
http://dl8-cdn-01.sun.com/s/ESD44/JSCDL ... 586-jc.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMe ... loader.cabO16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 7600 bytes