ComboFix 08-12-07.04 - owner 2008-12-08 16:49:16.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.227 [GMT -8:00]
Running from: c:\documents and settings\owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\owner\Desktop\CFScript.txt
* Created a new restore point
FILE ::
c:\windows\system32\ahafehoy.ini
c:\windows\system32\ateyanun.ini
c:\windows\system32\otojumal.ini
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\owner\Application Data\Azureus
c:\documents and settings\owner\Application Data\Azureus\.certs
c:\documents and settings\owner\Application Data\Azureus\.keystore
c:\documents and settings\owner\Application Data\Azureus\.lock
c:\documents and settings\owner\Application Data\Azureus\active\cache.dat
c:\documents and settings\owner\Application Data\Azureus\azureus.config
c:\documents and settings\owner\Application Data\Azureus\azureus.config.bak
c:\documents and settings\owner\Application Data\Azureus\azureus.statistics
c:\documents and settings\owner\Application Data\Azureus\azureus.statistics.bak
c:\documents and settings\owner\Application Data\Azureus\banips.config
c:\documents and settings\owner\Application Data\Azureus\banips.config.bak
c:\documents and settings\owner\Application Data\Azureus\dht\addresses.dat
c:\documents and settings\owner\Application Data\Azureus\dht\contacts.dat
c:\documents and settings\owner\Application Data\Azureus\dht\diverse.dat
c:\documents and settings\owner\Application Data\Azureus\dht\general.dat
c:\documents and settings\owner\Application Data\Azureus\dht\version.dat
c:\documents and settings\owner\Application Data\Azureus\downloads.config
c:\documents and settings\owner\Application Data\Azureus\downloads.config.bak
c:\documents and settings\owner\Application Data\Azureus\filters.config
c:\documents and settings\owner\Application Data\Azureus\friends.config
c:\documents and settings\owner\Application Data\Azureus\friends.config.bak
c:\documents and settings\owner\Application Data\Azureus\ipfilter.cache
c:\documents and settings\owner\Application Data\Azureus\logs\alerts_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\AutoSpeed_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\AutoSpeed_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\AutoSpeedSearchHistory_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\clientid_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\debug_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\debug_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\Friends_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\Friends_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_Engine_3.txt
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_Engine_4.txt
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_Engine_5.txt
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_Engine_6.txt
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_Engine_7.txt
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_Engine_8.txt
c:\documents and settings\owner\Application Data\Azureus\logs\MetaSearch_Engine_9.txt
c:\documents and settings\owner\Application Data\Azureus\logs\NetStatus_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_alerts_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_AutoSpeed_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_AutoSpeed_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_AutoSpeedSearchHistory_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_clientid_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_debug_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_debug_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_Friends_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_Friends_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_Engine_3.txt
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_Engine_4.txt
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_Engine_5.txt
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_Engine_6.txt
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_Engine_7.txt
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_Engine_8.txt
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_MetaSearch_Engine_9.txt
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_NetStatus_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_seltrace_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_seltrace_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_SpeedMan_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_SpeedMan_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_Subscriptions_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_thread_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_thread_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.ads_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.CMsgr_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.CMsgr_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.Friends_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.Friends_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.MD_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.PMsgr_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.PMsgr_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.Stream_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\save\1228609575062_v3.STres_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\seltrace_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\seltrace_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\SpeedMan_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\SpeedMan_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\Subscriptions_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\thread_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\thread_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.ads_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.CMsgr_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.CMsgr_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.Friends_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.Friends_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.MD_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.PMsgr_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.PMsgr_2.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.Stream_1.log
c:\documents and settings\owner\Application Data\Azureus\logs\v3.STres_1.log
c:\documents and settings\owner\Application Data\Azureus\metasearch.config
c:\documents and settings\owner\Application Data\Azureus\metasearch.config.bak
c:\documents and settings\owner\Application Data\Azureus\net\pm_10538.dat
c:\documents and settings\owner\Application Data\Azureus\net\pm_33490.dat
c:\documents and settings\owner\Application Data\Azureus\net\pm_33650.dat
c:\documents and settings\owner\Application Data\Azureus\net\pm_6198.dat
c:\documents and settings\owner\Application Data\Azureus\net\pm_7385.dat
c:\documents and settings\owner\Application Data\Azureus\net\pm_7782.dat
c:\documents and settings\owner\Application Data\Azureus\net\pm_8047.dat
c:\documents and settings\owner\Application Data\Azureus\net\pm_default.dat
c:\documents and settings\owner\Application Data\Azureus\sidebarauto.config
c:\documents and settings\owner\Application Data\Azureus\subs\1E13AA0BF83ABC8E9812.vuze
c:\documents and settings\owner\Application Data\Azureus\subs\447229A3A371779E8871.vuze
c:\documents and settings\owner\Application Data\Azureus\subs\7121CFED9C398458EF19.vuze
c:\documents and settings\owner\Application Data\Azureus\subs\737553100CB057ACF094.vuze
c:\documents and settings\owner\Application Data\Azureus\subs\9167E16C9B7944056AC7.vuze
c:\documents and settings\owner\Application Data\Azureus\subs\A2D1735CA62F937A1F14.vuze
c:\documents and settings\owner\Application Data\Azureus\subs\ABF9516CE2871C653A09.vuze
c:\documents and settings\owner\Application Data\Azureus\subs\E67D8443DF3B6D5C02B4.vuze
c:\documents and settings\owner\Application Data\Azureus\subscriptions.config
c:\documents and settings\owner\Application Data\Azureus\tables.config
c:\documents and settings\owner\Application Data\Azureus\tables.config.bak
c:\documents and settings\owner\Application Data\Azureus\timingstats.dat
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25442.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25443.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25444.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25445.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25446.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25447.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25448.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25449.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25452.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\AZU25453.tmp
c:\documents and settings\owner\Application Data\Azureus\tmp\speedTestTorrent.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\[isoHunt] download.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\[isoHunt] Howard Stern Music Special(complete).mp3.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\[isoHunt] Howard Stern On Sirius-October2006-Full Month.1229570.SN.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\_Chaos.Theory[2007]DvDrip.AC3-aXXo.4222934.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\
08-21-2008 Howard Stern Showwrapupnews Stereo CF YTT (You Miss Nothing) 80k einstern_ST1715823.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\
09-09-2008 Howard Stern Showwrapupnews Stereo CF YTT (You Miss Nothing) 80k einstern_ST1787140.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\1605182
c:\documents and settings\owner\Application Data\Azureus\torrents\1794164
c:\documents and settings\owner\Application Data\Azureus\torrents\American_Gangster[2007][Unrated_Edition]DvDrip[Eng]-FXG.4007713.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Ashley_Brookes_-_Hot_Blonde_Teen_webcam_and_washing_machine_masturbation.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Ashley_Brookes_-_Hot_Blonde_Teen_webcam_and_washing_machine_masturbation[www.btmon.com].torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Ashley_Brookes_-_Masturbates_Her_Wet_Pussy_in_Laundry_Room_porn[www.btmon.com].torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\AZU26499.tmp
c:\documents and settings\owner\Application Data\Azureus\torrents\AZU27112.tmp
c:\documents and settings\owner\Application Data\Azureus\torrents\AZU44358.tmp
c:\documents and settings\owner\Application Data\Azureus\torrents\AZU45516.tmp
c:\documents and settings\owner\Application Data\Azureus\torrents\AZU45521.tmp
c:\documents and settings\owner\Application Data\Azureus\torrents\AZU47965.tmp
c:\documents and settings\owner\Application Data\Azureus\torrents\AZU50434.tmp
c:\documents and settings\owner\Application Data\Azureus\torrents\Casino_Royale.DVDrip_JamPack-MP4.3615154.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Chaos.Theory[2007]DvDrip.AC3-aXXo.4222934.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Fletch_(1985)_DVDrip_DivX_[moVieVaultVision].avi.3870468.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Flickr Uploadr.lnk
c:\documents and settings\owner\Application Data\Azureus\torrents\German_Teen_Strip___Masterbation.avi.4131857.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Hannah.Montana.Season.1-Part.1_(1x01.to.1x05).3835876.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Hannah_Montana_Pictures.3852978.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Howard Stern - 09-09-08 + Wrap Up 64k.mp3.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Howard Stern Show Full May 06 Complete 24k 2006 [www.Fulldls.com].torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Howard Stern Show 9-11-01 WTC attack.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Howard_Stern_-_All_Sirius_Shows_to_3_17_06_-_MP3_CBR_56___64_kbp.3459289.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Howard_Stern_On_Sirius_January_2006_FIRST_Full_Month_On_Sirius__.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\HOWARD_STERN_SHOW_6-25-2008___WRAP_UP_Show_128K_MP3_CF.4260064.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Jay-Z.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Jay_Z_Discography.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Jumper_2008_-_.avi.4037143.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Leatherheads_2008_DvDrip_aXXo.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Limp_Bizkit_1997_2005__320kbps_MP3_.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Made_Of_Honor_2008_DvDrip_aXXo.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\National.Lampoon.One.Two.Many.DVDrip.Xvid.Mp3.[SuB].avi.4177499.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\National.Lampoon__s.Barely.Legal.2005.DVDRip.SVCD-OneDisc.3500866.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Never_Back_Down_2008_DvDrip_aXXo.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Ocean_s_13[2007]DvDrip[Eng]-aXXo.3886936.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Pirates.Of.The.Caribbean.III.2007.DvDRip.Eng-FxM.3846226.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\Satan____s_School_for_Lust_(2002_unrated_DVDRip_Xvid).4163797.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\That__70s_Show_Complete_RESEED.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\That_70s_Show_Season_1.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\The Beatles Discography 1958-2003 38 CD ([Lossy mp3 320 kbps] pop_ST1565115.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\The_Love_Guru_2008_DvDrip_aXXo.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\The_Music_of_Howard_Stern__25_Years_of_Music_From_____The_Howard.3756991.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\torrents\The_Office.4x11.Night_Out.REPACK.HDTV_XviD.4155947.TPB.torrent
c:\documents and settings\owner\Application Data\Azureus\tracker.config
c:\documents and settings\owner\Application Data\Azureus\tracker.config.bak
c:\documents and settings\owner\Application Data\Azureus\unsentdata.config
c:\documents and settings\owner\Application Data\Azureus\unsentdata.config.bak
c:\documents and settings\owner\Application Data\Azureus\update.log
c:\documents and settings\owner\Application Data\Azureus\update.properties
c:\documents and settings\owner\Application Data\Azureus\upnp_trace1.log
c:\documents and settings\owner\Application Data\Azureus\v3.Friends.dat
c:\documents and settings\owner\Application Data\Azureus\v3.Friends.dat.bak
c:\documents and settings\owner\Application Data\Azureus\VuzeActivities.config
c:\documents and settings\owner\Application Data\Azureus\VuzeActivities.config.bak
c:\program files\Azureus
c:\program files\Azureus\.install4j\_shfoldr.dll
c:\program files\Azureus\.install4j\autoUninstall.0
c:\program files\Azureus\.install4j\files.log
c:\program files\Azureus\.install4j\i4j_extf_0_5p83tu.utf8
c:\program files\Azureus\.install4j\i4j_extf_1_5p83tu_jhp9vg.png
c:\program files\Azureus\.install4j\i4j_extf_2_5p83tu.txt
c:\program files\Azureus\.install4j\i4j_extf_3_5p83tu_1kde336.ico
c:\program files\Azureus\.install4j\i4j_extf_4_5p83tu_62t8mu.icns
c:\program files\Azureus\.install4j\i4jdel.exe
c:\program files\Azureus\.install4j\i4jinst.dll
c:\program files\Azureus\.install4j\i4jparams.conf
c:\program files\Azureus\.install4j\i4jruntime.jar
c:\program files\Azureus\.install4j\inst_jre.cfg
c:\program files\Azureus\.install4j\install.prop
c:\program files\Azureus\.install4j\installation.log
c:\program files\Azureus\.install4j\installer16.png
c:\program files\Azureus\.install4j\installer32.png
c:\program files\Azureus\.install4j\installerHeader.png
c:\program files\Azureus\.install4j\MessagesDefault
c:\program files\Azureus\.install4j\response.varfile
c:\program files\Azureus\.install4j\unicows.dll
c:\program files\Azureus\.install4j\uninstallerHeader.png
c:\program files\Azureus\.install4j\user.jar
c:\program files\Azureus\aereg.dll
c:\program files\Azureus\Azureus.exe
c:\program files\Azureus\Azureus.exe.manifest
c:\program files\Azureus\Azureus.properties
c:\program files\Azureus\Azureus2.jar
c:\program files\Azureus\AzureusUpdater.exe
c:\program files\Azureus\GPL.txt
c:\program files\Azureus\hs_err_pid1388.log
c:\program files\Azureus\installer.log
c:\program files\Azureus\msvcr71.dll
c:\program files\Azureus\plugins\azemp\azemp_1.9.11.jar
c:\program files\Azureus\plugins\azemp\azemp_1.9.11.zip
c:\program files\Azureus\plugins\azemp\azemp_2.0.11.jar
c:\program files\Azureus\plugins\azemp\azemp_2.0.14.jar
c:\program files\Azureus\plugins\azemp\azemp_2.0.14.zip
c:\program files\Azureus\plugins\azemp\azemp_2.0.16.jar
c:\program files\Azureus\plugins\azemp\azemp_2.0.16.zip
c:\program files\Azureus\plugins\azemp\azemp_2.0.28.jar
c:\program files\Azureus\plugins\azemp\azemp_2.0.28.zip
c:\program files\Azureus\plugins\azemp\azemp_2.0.32.jar
c:\program files\Azureus\plugins\azemp\azemp_2.0.32.zip
c:\program files\Azureus\plugins\azemp\azmplay.exe
c:\program files\Azureus\plugins\azemp\azmplay.exe.bak
c:\program files\Azureus\plugins\azemp\azureus.sig
c:\program files\Azureus\plugins\azemp\cp1250-a.raw
c:\program files\Azureus\plugins\azemp\cp1250-a.raw.bak
c:\program files\Azureus\plugins\azemp\cp1250-b.raw
c:\program files\Azureus\plugins\azemp\cp1250-b.raw.bak
c:\program files\Azureus\plugins\azemp\font.desc
c:\program files\Azureus\plugins\azemp\font.desc.bak
c:\program files\Azureus\plugins\azemp\osd-mplayer-a.raw
c:\program files\Azureus\plugins\azemp\osd-mplayer-a.raw.bak
c:\program files\Azureus\plugins\azemp\osd-mplayer-b.raw
c:\program files\Azureus\plugins\azemp\osd-mplayer-b.raw.bak
c:\program files\Azureus\plugins\azemp\plugin.properties
c:\program files\Azureus\plugins\azemp\plugin.properties_1.9.11
c:\program files\Azureus\plugins\azemp\plugin.properties_2.0.14
c:\program files\Azureus\plugins\azemp\plugin.properties_2.0.16
c:\program files\Azureus\plugins\azemp\plugin.properties_2.0.28
c:\program files\Azureus\plugins\azemp\plugin.properties_2.0.32
c:\program files\Azureus\plugins\azplugins\azplugins_2.1.6.jar
c:\program files\Azureus\plugins\azrating\azrating_1.3.1.jar
c:\program files\Azureus\plugins\azupdater\azupdaterpatcher_1.8.8.jar
c:\program files\Azureus\plugins\azupdater\azureus.sig
c:\program files\Azureus\plugins\azupdater\plugin.properties
c:\program files\Azureus\plugins\azupdater\Updater.jar
c:\program files\Azureus\plugins\azupnpav\azupnpav_0.2.0.jar
c:\program files\Azureus\plugins\azupnpav\azupnpav_0.2.1.jar
c:\program files\Azureus\plugins\azupnpav\azupnpav_0.2.1.zip
c:\program files\Azureus\plugins\azupnpav\azupnpav_0.2.2.jar
c:\program files\Azureus\plugins\azupnpav\azupnpav_0.2.2.zip
c:\program files\Azureus\plugins\azupnpav\azureus.sig
c:\program files\Azureus\plugins\azupnpav\plugin.properties
c:\program files\Azureus\plugins\azupnpav\plugin.properties_0.2.1
c:\program files\Azureus\plugins\azupnpav\plugin.properties_0.2.2
c:\program files\Azureus\swt.jar
c:\program files\Azureus\TOS.txt
c:\program files\Azureus\uninstall.exe
c:\windows\system32\ahafehoy.ini
c:\windows\system32\ateyanun.ini
c:\windows\system32\otojumal.ini
.
((((((((((((((((((((((((( Files Created from 2008-11-09 to 2008-12-09 )))))))))))))))))))))))))))))))
.
2008-12-04 17:32 . 2008-12-04 17:32 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes
2008-12-03 16:29 . 2008-12-03 16:29 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-03 16:28 . 2008-12-03 16:28 <DIR> d-------- c:\program files\TeaTimer (Spybot - Search & Destroy)
2008-12-03 16:28 . 2008-12-03 16:28 <DIR> d-------- c:\program files\SDHelper (Spybot - Search & Destroy)
2008-12-03 16:28 . 2008-12-03 16:28 <DIR> d-------- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2008-12-03 16:28 . 2008-12-03 16:28 <DIR> d-------- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2008-11-30 19:49 . 2008-11-30 19:49 <DIR> d-------- c:\program files\Lavasoft
2008-11-30 19:48 . 2008-12-03 16:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-30 18:56 . 2008-12-06 23:49 <DIR> d-------- c:\program files\Flock
2008-11-26 21:26 . 2008-12-03 16:27 <DIR> d-------- c:\program files\Mystery P.I. - The Vegas Heist
2008-11-25 17:51 . 2008-12-03 16:29 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-25 17:51 . 2008-11-25 17:51 <DIR> d-------- c:\documents and settings\owner\Application Data\Malwarebytes
2008-11-25 17:51 . 2008-11-25 17:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-25 17:51 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-25 17:51 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-23 12:36 . 2008-11-23 12:36 <DIR> d-------- C:\My Games
2008-11-16 22:14 . 2008-11-16 22:14 <DIR> d-------- c:\documents and settings\owner\Application Data\SpinTop Games
2008-11-16 22:13 . 2008-11-16 22:13 <DIR> d-------- c:\program files\Mystery P.I. - The New York Fortune
2008-11-14 17:37 . 2008-11-14 17:37 <DIR> d-------- c:\program files\Free Fire Screensaver
2008-11-14 17:37 . 2008-11-14 17:37 <DIR> d-------- c:\documents and settings\owner\Application Data\Laconic Software
2008-11-11 15:49 . 2008-10-24 03:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-11 15:48 . 2008-09-04 09:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-04 00:28 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-04 00:27 --------- d-----w c:\documents and settings\All Users\Application Data\SpinTop Games
2008-12-03 01:00 --------- d-----w c:\documents and settings\owner\Application Data\AVG7
2008-12-02 23:59 --------- d-----w c:\documents and settings\owner\Application Data\HPAppData
2008-11-27 05:12 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-23 20:36 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-23 20:36 --------- d-----w c:\program files\Real
2008-11-06 20:15 --------- d-----w c:\documents and settings\owner\Application Data\Move Networks
2008-10-25 21:31 --------- d-----w c:\program files\DivX
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 22:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 22:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 22:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 22:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 22:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 22:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 22:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 22:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-01 00:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-16 00:14 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-09-16 00:14 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-09-16 00:14 129,784 ------w c:\windows\system32\pxafs.dll
2008-09-16 00:14 120,056 ------w c:\windows\system32\pxcpyi64.exe
2008-09-16 00:14 118,520 ------w c:\windows\system32\pxinsi64.exe
2008-09-16 00:12 81,920 ----a-w c:\windows\system32\dpl100.dll
2008-09-16 00:12 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-09-16 00:12 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-09-16 00:12 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
2008-09-16 00:12 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-09-16 00:12 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-09-16 00:12 294,912 ----a-w c:\windows\system32\dpu10.dll
2008-09-16 00:12 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-09-16 00:12 196,608 ----a-w c:\windows\system32\dtu100.dll
2008-09-16 00:12 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-09-16 00:11 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
2008-09-16 00:11 823,296 ----a-w c:\windows\system32\divx_xx07.dll
2008-09-16 00:11 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
2008-09-16 00:11 802,816 ----a-w c:\windows\system32\divx_xx11.dll
2008-09-16 00:11 683,520 ----a-w c:\windows\system32\DivX.dll
2008-09-16 00:11 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-16 00:11 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-02-10 01:03 0 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLds.DAT
2008-01-20 07:00 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2008-09-04 21:28 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008090420080905\index.dat
.
((((((((((((((((((((((((((((( snapshot@2008-12-07_11.00.51.71 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-19 06:10:20 36,552 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 22:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-27 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-27 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-27 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 352256]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-12-16 82009]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2004-08-18 184320]
"Tvs"="c:\program files\Toshiba\Tvs\TvsTray.exe" [2005-11-30 73728]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-26 122880]
"dla"="c:\windows\system32\dla\DLACTRLW.exe" [2005-10-06 122940]
"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2005-03-17 151552]
"AVG7_CC"="c:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-10-17 590848]
"PaperPort PTD"="c:\program files\Scansoft\PaperPort\pptd40nt.exe" [2002-08-12 45108]
"IndexSearch"="c:\program files\Scansoft\PaperPort\IndexSearch.exe" [2002-08-12 36864]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"TFncKy"="TFncKy.exe" [BU]
"TDispVol"="TDispVol.exe" [2005-03-11 c:\windows\system32\TDispVol.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 c:\windows\agrsmmsg.exe]
"NDSTray.exe"="NDSTray.exe" [BU]
"TPSMain"="TPSMain.exe" [2005-05-31 c:\windows\system32\TPSMain.exe]
"CFSServ.exe"="CFSServ.exe" [BU]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2007-10-25 219136]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-02-01 8699904]
c:\documents and settings\owner\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2003-08-06 51776]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2006-02-15 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\\TOSHIBA\\IVP\\ISM\\pinger.exe
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\iPod\\bin\\iPodService.exe"=
"c:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"c:\\Program Files\\Netscape\\Navigator 9\\navigator.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
"c:\\WINDOWS\\system32\\control.exe"=
"c:\\WINDOWS\\system32\\igfxsrvc.exe"=
"c:\\WINDOWS\\system32\\dllhost.exe"=
S3 brfilt;Brother MFC Filter Driver;c:\windows\system32\Drivers\Brfilt.sys [2006-12-07 2944]
S3 BrSerWDM;Brother WDM Serial driver;c:\windows\system32\Drivers\BrSerWdm.sys [2006-12-07 60416]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\Drivers\BrUsbMdm.sys [2006-12-07 11008]
S3 BrUsbScn;Brother MFC USB Scanner driver;c:\windows\system32\Drivers\BrUsbScn.sys [2006-12-07 10368]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Contents of the 'Scheduled Tasks' folder
2008-11-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2008-08-06 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2007-10-22 10:13]
2007-11-20 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2007-10-22 10:13]
2007-11-20 c:\windows\Tasks\Uniblue SpyEraser.job
- c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2007-10-16 09:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.crawler.com/?tbid=66016
mStart Page =
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
c:\windows\Downloaded Program Files\stg_drm.ocx - c:\windows\Downloaded Program Files\CONFLICT.1\stg_drm.ocx
O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/stg_drm.ocx
O16 -: {A82C3A33-5C0E-466C-B020-71585433A7E4} - hxxps://ecampus.phoenix.edu/secure/PhxStudent15.CAB
FireFox -: Profile - c:\documents and settings\owner\Application Data\Mozilla\Firefox\Profiles\dvfocdmv.Default User\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.crawler.com/?tbid=66016
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 16:51:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-12-08 16:53:14
ComboFix-quarantined-files.txt 2008-12-09 00:52:32
ComboFix2.txt 2008-12-07 19:01:44
Pre-Run: 87,350,562,816 bytes free
Post-Run: 87,322,783,744 bytes free
494 --- E O F --- 2008-11-13 00:18:17
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:55:01 PM, on 12/8/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/?tbid=66016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/stg_drm.ocx
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://ecampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 11783 bytes