Thanks. Here are the logs you requested:
ComboFix 09-07-02.02 - Wayne Lingerfelt 07/02/2009 17:38.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1608 [GMT -5:00]
Running from: c:\documents and settings\Wayne Lingerfelt\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Maria Anez\Favorites\Download programs.url
c:\documents and settings\Maria Anez\Favorites\Games.url
c:\documents and settings\Maria Anez\Favorites\Translator.url
c:\documents and settings\Maria Anez\Favorites\Videos.url
c:\documents and settings\Maria Anez\Start Menu\Programs\Download programs.url
c:\documents and settings\Maria Anez\Start Menu\Programs\Games.url
c:\documents and settings\Maria Anez\Start Menu\Programs\Translator.url
c:\documents and settings\Maria Anez\Start Menu\Programs\Videos.url
c:\documents and settings\Wayne Lingerfelt\Favorites\Download programs.url
c:\documents and settings\Wayne Lingerfelt\Favorites\Games.url
c:\documents and settings\Wayne Lingerfelt\Favorites\Translator.url
c:\documents and settings\Wayne Lingerfelt\Favorites\Videos.url
c:\documents and settings\Wayne Lingerfelt\Start Menu\Programs\Download programs.url
c:\documents and settings\Wayne Lingerfelt\Start Menu\Programs\Games.url
c:\documents and settings\Wayne Lingerfelt\Start Menu\Programs\Translator.url
c:\documents and settings\Wayne Lingerfelt\Start Menu\Programs\Videos.url
c:\program files\IEToolbar
c:\windows\kb913800.exe
c:\windows\system32\drivers\SKYNETyebirmod.sys
c:\windows\system32\SKYNETecqtoajs.dat
c:\windows\system32\SKYNETotgvdlre.dat
c:\windows\system32\SKYNETwcpxtfnv.dll
c:\windows\system32\SKYNETyovjipxf.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SKYNETtpkrdqjk
((((((((((((((((((((((((( Files Created from 2009-06-02 to 2009-07-02 )))))))))))))))))))))))))))))))
.
2009-07-02 21:37 . 2009-07-02 21:37 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-07-02 14:48 . 2009-07-02 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonoma Wire Works
2009-07-02 14:48 . 2009-07-02 14:48 -------- d-----w- c:\program files\Sonoma Wire Works
2009-07-02 13:19 . 2009-04-20 17:36 167936 ----a-w- c:\windows\system32\l6tpux2.dll
2009-07-02 02:47 . 2009-07-02 02:47 -------- d-----w- c:\documents and settings\Wayne Lingerfelt\Local Settings\Application Data\PACE Anti-Piracy
2009-07-02 02:47 . 2009-07-02 02:47 -------- d-----w- c:\docume~1\WAYNEL~1\APPLIC~1\PACE Anti-Piracy
2009-06-27 16:08 . 2008-04-13 18:46 51200 ----a-w- c:\windows\system32\drivers\msdv.sys
2009-06-27 16:08 . 2008-04-13 18:46 51200 ----a-w- c:\windows\system32\dllcache\msdv.sys
2009-06-27 16:08 . 2008-04-13 18:46 38912 ----a-w- c:\windows\system32\drivers\avc.sys
2009-06-27 16:08 . 2008-04-13 18:46 38912 ----a-w- c:\windows\system32\dllcache\avc.sys
2009-06-27 16:08 . 2008-04-13 18:46 48128 ----a-w- c:\windows\system32\drivers\61883.sys
2009-06-27 16:08 . 2008-04-13 18:46 48128 ----a-w- c:\windows\system32\dllcache\61883.sys
2009-06-27 16:03 . 2001-08-17 18:46 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2009-06-27 16:03 . 2001-08-17 18:46 6400 ----a-w- c:\windows\system32\dllcache\enum1394.sys
2009-06-27 16:03 . 2008-04-13 18:46 61696 ----a-w- c:\windows\system32\drivers\ohci1394.sys
2009-06-27 16:03 . 2008-04-13 18:46 61696 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2009-06-27 16:03 . 2008-04-13 18:46 53376 ----a-w- c:\windows\system32\drivers\1394bus.sys
2009-06-27 16:03 . 2008-04-13 18:46 53376 ----a-w- c:\windows\system32\dllcache\1394bus.sys
2009-06-27 09:36 . 2009-06-27 09:36 -------- d-----w- c:\program files\Trend Micro
2009-06-27 05:55 . 2009-03-14 11:48 5120 ----a-w- c:\windows\system32\drivers\Start1Driver.SYS
2009-06-25 07:48 . 2009-06-25 07:48 -------- d-----w- c:\docume~1\WAYNEL~1\APPLIC~1\Malwarebytes
2009-06-25 07:48 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-25 07:47 . 2009-06-30 01:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-25 07:47 . 2009-06-25 07:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-25 07:47 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-22 16:50 . 2009-06-23 02:06 -------- d-----w- c:\documents and settings\All Users\Application Data\97935306
2009-06-22 16:50 . 2009-06-22 16:50 -------- d-----w- c:\documents and settings\All Users\Application Data\17925314
2009-06-22 16:49 . 2009-06-22 16:49 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-06-22 10:49 . 2009-06-22 10:49 93 ----a-w- c:\windows\system32\SKYNET.dat
2009-06-21 22:29 . 2009-06-14 21:07 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-06-21 22:27 . 2009-06-21 22:29 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-06-21 18:07 . 2009-06-21 18:07 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-06-12 20:13 . 2009-06-12 20:13 -------- d-----w- c:\documents and settings\Maria Anez\Application Data\Nero
2009-06-12 14:42 . 2009-06-12 14:42 -------- d-----w- c:\program files\Common Files\LightScribe
2009-06-12 14:39 . 2009-06-12 14:39 -------- d-----w- c:\docume~1\WAYNEL~1\APPLIC~1\Nero
2009-06-12 14:37 . 2009-06-12 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-06-12 14:37 . 2009-06-12 14:38 -------- d-----w- c:\program files\Common Files\Nero
2009-06-11 01:13 . 2009-04-30 21:22 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-06-11 01:13 . 2009-04-30 21:22 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-09 02:21 . 2009-06-09 02:21 -------- d-----w- c:\program files\iPod
2009-06-09 02:20 . 2009-06-09 02:21 -------- d-----w- c:\program files\iTunes
2009-06-09 02:09 . 2009-06-09 02:09 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-02 22:37 . 2008-03-13 23:04 66560 --sha-w- c:\documents and settings\All Users\Application Data\ExtendMedia\Media Agent\ac.dll
2009-07-02 21:54 . 2009-03-21 18:13 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-07-02 14:17 . 2009-04-11 04:04 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-07-02 02:47 . 2006-08-12 18:29 -------- d-----w- c:\docume~1\WAYNEL~1\APPLIC~1\Line 6
2009-07-02 02:29 . 2006-08-12 18:29 -------- d-----w- c:\program files\Line6
2009-06-30 12:59 . 2006-01-24 14:27 -------- d-----w- c:\program files\Google
2009-06-30 01:34 . 2006-08-14 01:40 -------- d-----w- c:\program files\LimeWire
2009-06-30 01:15 . 2008-03-13 23:07 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-29 17:53 . 2006-08-10 18:32 88448 ----a-w- c:\documents and settings\Maria Anez\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-28 14:23 . 2006-08-14 23:06 88448 ----a-w- c:\documents and settings\Wayne Lingerfelt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-27 16:46 . 2008-02-03 06:44 -------- d-----w- c:\docume~1\WAYNEL~1\APPLIC~1\Skype
2009-06-27 16:24 . 2008-02-03 06:48 -------- d-----w- c:\docume~1\WAYNEL~1\APPLIC~1\skypePM
2009-06-25 07:06 . 2008-03-13 21:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-23 13:55 . 2008-10-27 02:19 -------- d-----w- c:\docume~1\WAYNEL~1\APPLIC~1\Apple Computer
2009-06-22 15:09 . 2008-03-06 03:04 -------- d-----w- c:\program files\BroadJump
2009-06-12 14:37 . 2007-02-27 04:23 -------- d-----w- c:\program files\Nero
2009-06-09 02:21 . 2008-10-13 18:14 -------- d-----w- c:\program files\Common Files\Apple
2009-06-09 02:18 . 2009-01-13 02:18 -------- d-----w- c:\program files\QuickTime
2009-06-05 16:42 . 2009-04-06 21:33 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-05 16:42 . 2008-10-13 18:14 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-05-26 22:40 . 2009-05-26 22:40 -------- d-----w- c:\documents and settings\Maria Anez\Application Data\Motive
2009-05-20 05:58 . 2006-01-24 14:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-05-20 05:57 . 2006-01-24 14:20 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-05-20 05:54 . 2006-01-24 14:18 -------- d-----w- c:\program files\CyberLink
2009-05-19 06:11 . 2008-11-03 05:42 -------- d-----w- c:\program files\V CAST Music with Rhapsody
2009-05-18 15:39 . 2008-01-03 14:58 -------- d-----w- c:\program files\DivX
2009-05-18 15:38 . 2009-05-18 15:38 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-05-16 04:00 . 2008-03-01 15:28 -------- d-----w- c:\docume~1\WAYNEL~1\APPLIC~1\Move Networks
2009-05-13 05:15 . 2005-08-16 10:18 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2005-08-16 10:18 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 22:40 . 2009-04-29 22:40 10704896 ----a-w- c:\documents and settings\All Users\Application Data\Line 6\L6TWXY\L6TWXY.dll
2009-04-29 22:40 . 2009-04-29 22:40 1532928 ----a-w- c:\documents and settings\All Users\Application Data\Line 6\L6TWXY\data\twx\L6TWX.dll
2009-04-20 17:36 . 2009-04-20 17:36 1532928 ----a-w- c:\documents and settings\All Users\Application Data\Line 6\L6TWXG\data\twx\L6TWX.dll
2009-04-20 17:36 . 2009-01-24 11:40 531456 ----a-w- c:\windows\system32\drivers\L6TPortB.sys
2009-04-20 17:36 . 2006-07-27 01:09 29312 ----a-w- c:\windows\system32\drivers\l6dp.sys
2009-04-17 12:26 . 2005-08-16 10:18 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 20:29 . 2009-04-15 20:29 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-04-15 14:51 . 2005-08-16 10:18 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2006-09-15 01:53 . 2006-09-15 01:53 88 --sh--r- c:\windows\system32\488DF75857.sys
2006-08-17 15:12 . 2006-08-17 13:03 56 --sh--r- c:\windows\system32\5758F78D48.sys
2006-09-15 01:53 . 2006-08-17 13:03 3766 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 21:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2006-12-01 4662776]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2007-08-29 1347584]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-08-22 2363392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-30 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 86960]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2003-07-01 188416]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2003-07-01 65536]
"Motive SmartBridge"="c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [2005-08-24 442455]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"YMailAdvisor"="c:\program files\Yahoo!\Common\YMailAdvisor.exe" [2008-06-05 125208]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-07-09 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-30 68592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-30 39408]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-7-14 113664]
AT&T Self Support Tool.lnk - c:\program files\SBC Self Support Tool\bin\matcli.exe [2008-3-5 217088]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-1-24 24576]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-2-3 169472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avg8wd"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\StubInstaller.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\NBC Direct\\StoreFrontPlayer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5544:TCP"= 5544:TCP:eMule TCP Incoming
"4730:UDP"= 4730:UDP:eMule UDP Incoming
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
R1 Start1Driver;Start1Driver;c:\windows\system32\drivers\Start1Driver.SYS [6/27/2009 12:55 AM 5120]
R2 OpenCASE Media Agent;OpenCASE Media Agent;c:\program files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe [1/16/2008 3:57 PM 814728]
R3 L6DP;L6DP;c:\windows\system32\drivers\l6dp.sys [7/26/2006 8:09 PM 29312]
R3 L6TPortB;Service - Line 6 TonePort UX2;c:\windows\system32\drivers\L6TPortB.sys [1/24/2009 6:40 AM 531456]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 5:46 AM 284016]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - GTNDIS5
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28681820-917D-11d5-8177-005056FDDA4B}]
rundll32.exe c:\windows\system32\ShellExt\DafiTech\Cpy2Clip\cpy2clip.dll,CreateUserSettings
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
Contents of the 'Scheduled Tasks' folder
2009-06-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-XdriveTrayIcon - c:\program files\Xdrive\Xdrive Desktop\XdriveTray.exe
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe
HKLM-RunOnce-AvgRemover - c:\documents and settings\Wayne Lingerfelt\Local Settings\Temporary Internet Files\Content.IE5\AP1VXZCD\avgremover[1].exe
Notify-avgrsstarter - avgrsstx.dll
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://my.yahoo.com/uSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar =
hxxp://us.rd.yahoo.com/customize/ie/def ... earch.htmluInternet Connection Wizard,ShellNext =
hxxp://www.google.com/ig/dell?hl=enuInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) =
hxxp://www.google.com/search?q=%s
IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Lookup on Merriam Webster -
file://c:\program files\ieSpell\Merriam Webster.HTM
IE: Lookup on Wikipedia -
file://c:\program files\ieSpell\wikipedia.HTM
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
Trusted Zone: att.net
Trusted Zone: line6.net
Trusted Zone: sbcglobal.net
Trusted Zone: yahoo.com\clientapps
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-07-02 17:59
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ôw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\\Registered"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(796)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
c:\windows\system32\igfxdev.dll
.
Completion time: 2009-07-02 18:02
ComboFix-quarantined-files.txt 2009-07-02 23:01
Pre-Run: 9,898,696,704 bytes free
Post-Run: 12,688,826,368 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
279 --- E O F --- 2009-06-11 02:48
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Service Pack 3
[32_bits] - x86 Family 15 Model 4 Stepping 9, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Enabled
.
Internet Explorer 8.0.6001.18702
.
C:\ [Fixed-NTFS] .. ( Total:144 Go - Free:11 Go )
D:\ [CD_Rom]
E:\ [CD_Rom]
F:\ [Removable]
H:\ [Removable]
I:\ [Removable]
J:\ [Removable]
K:\ [Removable]
.
Scan : 18:04.22
Path : C:\Documents and Settings\Wayne Lingerfelt\Local Settings\Temporary Internet Files\Content.IE5\ZYYE9HB1\Rooter[1].exe
User : Wayne Lingerfelt ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (720)
______ \??\C:\WINDOWS\system32\csrss.exe (772)
______ \??\C:\WINDOWS\system32\winlogon.exe (796)
______ C:\WINDOWS\system32\services.exe (840)
______ C:\WINDOWS\system32\lsass.exe (852)
______ C:\WINDOWS\system32\svchost.exe (1028)
______ C:\WINDOWS\system32\svchost.exe (1076)
______ C:\WINDOWS\System32\svchost.exe (1168)
______ C:\WINDOWS\system32\svchost.exe (1208)
______ C:\WINDOWS\system32\svchost.exe (1264)
______ C:\WINDOWS\system32\svchost.exe (1344)
______ C:\WINDOWS\system32\spoolsv.exe (1588)
______ C:\WINDOWS\system32\svchost.exe (1692)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (1736)
______ C:\Program Files\Bonjour\mDNSResponder.exe (1748)
______ C:\WINDOWS\eHome\ehRecvr.exe (1788)
______ C:\WINDOWS\eHome\ehSched.exe (1800)
______ C:\Program Files\Common Files\LightScribe\LSSrvc.exe (1864)
______ C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (1956)
______ C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe (184)
______ C:\WINDOWS\system32\IoctlSvc.exe (404)
______ C:\Program Files\Dell Support Center\bin\sprtsvc.exe (480)
______ C:\WINDOWS\system32\svchost.exe (520)
______ C:\WINDOWS\system32\svchost.exe (556)
______ C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe (364)
______ C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe (748)
______ C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (112)
______ C:\WINDOWS\ehome\mcrdsvc.exe (1408)
______ C:\WINDOWS\system32\dllhost.exe (2440)
______ C:\WINDOWS\System32\alg.exe (2620)
______ C:\WINDOWS\system32\notepad.exe (2644)
______ C:\WINDOWS\System32\svchost.exe (3916)
______ C:\WINDOWS\explorer.exe (3760)
______ C:\Program Files\Internet Explorer\iexplore.exe (416)
______ C:\Program Files\Internet Explorer\iexplore.exe (1004)
______ C:\WINDOWS\system32\ctfmon.exe (3264)
______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (1428)
______ C:\Documents and Settings\Wayne Lingerfelt\Local Settings\Temporary Internet Files\Content.IE5\ZYYE9HB1\Rooter[1].exe (3404)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:32868864)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:32901120 | Length:154980725760)
\Device\Harddisk0\Partition3 (Start_Offset:155013626880 | Length:4984519680)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
C:\WINDOWS\system32\SKYNET.dat
==> ROOTKIT Tibs <==.
----------------------\\ Scan completed at 18:04.27
.
C:\Rooter$\Rooter_1.txt - (02/07/2009 | 18:04.27)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:05:59 PM, on 7/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ie/def ... earch.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &ieSpell Options -
res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Append Link Target to Existing PDF -
res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Check &Spelling -
res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster -
file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia -
file://C:\Program Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://*.att.netO15 - Trusted Zone: *.line6.net
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/controls/200 ... oader5.cabO16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) -
http://www.musicnotes.com/download/mnviewer.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) -
http://upload.facebook.com/controls/Fac ... oader3.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/Fac ... loader.cabO16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) -
http://www.kodakgallery.com/downloads/B ... ofupld.cabO16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) -
http://www.crucial.com/controls/cpcScanner.cabO16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) -
http://drmlicense.one.microsoft.com/crl ... crlocx.ocxO16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) -
http://pccheckup.dellfix.com/en/10/install/gtdownde.cabO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 15403 bytes