ComboFix log:
ComboFix 07-10-08.3 - Student 2007-10-12 21:29:08.2 - NTFSx86
Script execution time was exceeded on script "C:\ComboFix\osid.vbs".
Script execution was terminated.
Running from: C:\Documents and Settings\Student\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2007-09-13 to 2007-10-13 )))))))))))))))))))))))))))))))
.
2007-10-11 15:52 <DIR> d-------- C:\VundoFix Backups
2007-10-09 19:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-10-09 08:08 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-10-09 00:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-09 00:08 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-08 18:20 <DIR> d-------- C:\Documents and Settings\Student\.SunDownloadManager
2007-10-08 14:35 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-08 12:41 684,032 --a------ C:\WINDOWS\system32\libeay32.dll
2007-10-08 12:41 155,648 --a------ C:\WINDOWS\system32\ssleay32.dll
2007-10-08 11:16 <DIR> d-------- C:\WINDOWS\ERUNT
2007-10-07 22:37 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-10-07 19:52 <DIR> d-------- C:\Documents and Settings\Student\Application Data\MailFrontier
2007-10-07 19:24 1,988,640 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-10-07 18:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-10-07 18:50 75,248 --a------ C:\WINDOWS\zllsputility.exe
2007-10-07 18:50 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-10-07 18:50 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-10-07 18:49 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-10-07 18:49 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-10-07 18:48 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-10-06 13:58 116,224 --a------ C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2007-10-06 13:58 23,040 --a------ C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2007-10-06 13:57 27,648 --a------ C:\WINDOWS\system32\dllcache\xrxftplt.exe
2007-10-06 13:57 17,408 --a------ C:\WINDOWS\system32\dllcache\xrxscnui.dll
2007-10-06 13:57 4,608 --a------ C:\WINDOWS\system32\dllcache\xrxflnch.exe
2007-10-06 13:13 99,865 --a------ C:\WINDOWS\system32\dllcache\xlog.exe
2007-10-06 13:06 154,624 --a------ C:\WINDOWS\system32\dllcache\wlluc48.sys
2007-10-06 13:06 34,890 --a------ C:\WINDOWS\system32\dllcache\wlandrv2.sys
2007-10-06 13:06 19,455 --a------ C:\WINDOWS\system32\dllcache\wvchntxx.sys
2007-10-06 13:06 19,328 --a------ C:\WINDOWS\system32\dllcache\wstcodec.sys
2007-10-06 13:06 16,970 --a------ C:\WINDOWS\system32\dllcache\xem336n5.sys
2007-10-06 13:06 12,063 --a------ C:\WINDOWS\system32\dllcache\wsiintxx.sys
2007-10-06 13:06 8,832 --a------ C:\WINDOWS\system32\dllcache\wmiacpi.sys
2007-10-06 13:06 8,192 --a------ C:\WINDOWS\system32\dllcache\wshirda.dll
2007-10-06 13:05 771,581 --a------ C:\WINDOWS\system32\dllcache\winacisa.sys
2007-10-06 13:05 53,760 --a------ C:\WINDOWS\system32\dllcache\wiamsmud.dll
2007-10-06 12:58 701,386 --a------ C:\WINDOWS\system32\dllcache\wdhaalba.sys
2007-10-06 12:58 87,040 --a------ C:\WINDOWS\system32\dllcache\wiafbdrv.dll
2007-10-06 12:58 41,600 --a------ C:\WINDOWS\system32\dllcache\weitekp9.dll
2007-10-06 12:58 35,871 --a------ C:\WINDOWS\system32\dllcache\wbfirdma.sys
2007-10-06 12:58 33,599 --a------ C:\WINDOWS\system32\dllcache\watv04nt.sys
2007-10-06 12:58 31,232 --a------ C:\WINDOWS\system32\dllcache\weitekp9.sys
2007-10-06 12:58 29,311 --a------ C:\WINDOWS\system32\dllcache\watv01nt.sys
2007-10-06 12:58 25,471 --a------ C:\WINDOWS\system32\dllcache\watv10nt.sys
2007-10-06 12:58 23,615 --a------ C:\WINDOWS\system32\dllcache\wch7xxnt.sys
2007-10-06 12:58 22,271 --a------ C:\WINDOWS\system32\dllcache\watv06nt.sys
2007-10-06 12:58 19,551 --a------ C:\WINDOWS\system32\dllcache\watv02nt.sys
2007-10-06 12:58 13,568 --a------ C:\WINDOWS\system32\dllcache\wacompen.sys
2007-10-06 12:58 12,415 --a------ C:\WINDOWS\system32\dllcache\wadv01nt.sys
2007-10-06 12:58 12,127 --a------ C:\WINDOWS\system32\dllcache\wadv02nt.sys
2007-10-06 12:58 11,935 --a------ C:\WINDOWS\system32\dllcache\wadv11nt.sys
2007-10-06 12:58 11,871 --a------ C:\WINDOWS\system32\dllcache\wadv09nt.sys
2007-10-06 12:58 11,807 --a------ C:\WINDOWS\system32\dllcache\wadv07nt.sys
2007-10-06 12:58 11,775 --a------ C:\WINDOWS\system32\dllcache\wadv05nt.sys
2007-10-06 12:58 11,295 --a------ C:\WINDOWS\system32\dllcache\wadv08nt.sys
2007-10-06 12:57 604,253 --a------ C:\WINDOWS\system32\dllcache\vmodem.sys
2007-10-06 12:57 426,041 --a------ C:\WINDOWS\system32\dllcache\voicepad.dll
2007-10-06 12:57 397,502 --a------ C:\WINDOWS\system32\dllcache\vpctcom.sys
2007-10-06 12:57 249,402 --a------ C:\WINDOWS\system32\dllcache\vinwm.sys
2007-10-06 12:57 86,073 --a------ C:\WINDOWS\system32\dllcache\voicesub.dll
2007-10-06 12:57 64,605 --a------ C:\WINDOWS\system32\dllcache\vvoice.sys
2007-10-06 12:57 48,256 --a------ C:\WINDOWS\system32\dllcache\w32.dll
2007-10-06 12:57 19,528 --a------ C:\WINDOWS\system32\dllcache\w840nd.sys
2007-10-06 12:57 19,016 --a------ C:\WINDOWS\system32\dllcache\w926nd.sys
2007-10-06 12:57 16,925 --a------ C:\WINDOWS\system32\dllcache\w940nd.sys
2007-10-06 12:50 53,760 --a------ C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2007-10-06 12:50 24,576 --a------ C:\WINDOWS\system32\dllcache\viairda.sys
2007-10-06 12:50 11,325 --a------ C:\WINDOWS\system32\dllcache\vchnt5.dll
2007-10-06 12:49 794,654 --a------ C:\WINDOWS\system32\dllcache\usr1801.sys
2007-10-06 12:49 794,399 --a------ C:\WINDOWS\system32\dllcache\usr1806v.sys
2007-10-06 12:49 793,598 --a------ C:\WINDOWS\system32\dllcache\usr1806.sys
2007-10-06 12:49 765,884 --a------ C:\WINDOWS\system32\dllcache\usrti.sys
2007-10-06 12:49 687,999 --a------ C:\WINDOWS\system32\dllcache\usrwdxjs.sys
2007-10-06 12:49 224,802 --a------ C:\WINDOWS\system32\dllcache\usr1807a.sys
2007-10-06 12:49 113,762 --a------ C:\WINDOWS\system32\dllcache\usrpda.sys
2007-10-06 12:49 94,720 --a------ C:\WINDOWS\system32\dllcache\umaxud32.dll
2007-10-06 12:49 78,464 --a------ C:\WINDOWS\system32\dllcache\usbvideo.sys
2007-10-06 12:49 76,288 --a------ C:\WINDOWS\system32\dllcache\uniime.dll
2007-10-06 12:49 59,264 --a------ C:\WINDOWS\system32\dllcache\usbaudio.sys
2007-10-06 12:49 32,384 --a------ C:\WINDOWS\system32\dllcache\usb101et.sys
2007-10-06 12:49 17,024 --a------ C:\WINDOWS\system32\dllcache\usbohci.sys
2007-10-06 12:49 7,556 --a------ C:\WINDOWS\system32\dllcache\usroslba.sys
2007-10-06 12:48 216,064 --a------ C:\WINDOWS\system32\dllcache\um34scan.dll
2007-10-06 12:48 211,968 --a------ C:\WINDOWS\system32\dllcache\um54scan.dll
2007-10-06 12:48 69,632 --a------ C:\WINDOWS\system32\dllcache\umaxu12.dll
2007-10-06 12:48 50,688 --a------ C:\WINDOWS\system32\dllcache\umaxscan.dll
2007-10-06 12:48 50,176 --a------ C:\WINDOWS\system32\dllcache\umaxp60.dll
2007-10-06 12:48 47,616 --a------ C:\WINDOWS\system32\dllcache\umaxcam.dll
2007-10-06 12:48 28,160 --a------ C:\WINDOWS\system32\dllcache\umaxu40.dll
2007-10-06 12:48 26,624 --a------ C:\WINDOWS\system32\dllcache\umaxu22.dll
2007-10-06 12:48 22,912 --a------ C:\WINDOWS\system32\dllcache\umaxpcls.sys
2007-10-06 12:43 525,568 --a------ C:\WINDOWS\system32\dllcache\tridxp.dll
2007-10-06 12:43 166,784 --a------ C:\WINDOWS\system32\dllcache\tridxpm.sys
2007-10-06 12:43 44,672 --a------ C:\WINDOWS\system32\dllcache\uagp35.sys
2007-10-06 12:43 14,336 --a------ C:\WINDOWS\system32\dllcache\tsprof.exe
2007-10-06 12:43 11,520 --a------ C:\WINDOWS\system32\dllcache\twotrack.sys
2007-10-06 12:42 440,576 --a------ C:\WINDOWS\system32\dllcache\tridkb.dll
2007-10-06 12:42 315,520 --a------ C:\WINDOWS\system32\dllcache\trid3d.dll
2007-10-06 12:42 222,336 --a------ C:\WINDOWS\system32\dllcache\trid3dm.sys
2007-10-06 12:42 159,232 --a------ C:\WINDOWS\system32\dllcache\tridkbm.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-12 20:42 24260 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-10-08 22:43 --------- d-------- C:\Program Files\TestGen
2007-10-08 18:46 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-10-07 00:00 5427 --a------ C:\WINDOWS\system32\EGATHDRV.SYS
2007-10-02 23:01 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-10-02 23:01 10676 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-09-28 23:32 --------- d-------- C:\Documents and Settings\Student\Application Data\Azureus
2007-09-28 20:20 --------- d-------- C:\Program Files\Azureus
2007-09-28 19:06 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-09-16 22:10 --------- d-------- C:\Program Files\Gran Paradiso
2007-09-13 22:09 --------- d-------- C:\Program Files\Lenovo
2007-09-11 22:14 --------- d-------- C:\Program Files\DivX
2007-09-11 21:50 --------- d-------- C:\Program Files\Veoh Networks
2007-09-06 06:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-09-06 06:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 06:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 06:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 06:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 06:00 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-09-06 06:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-09-03 19:02 --------- d-------- C:\Program Files\CABviaActiveSync
2007-08-28 21:03 --------- d--h----- C:\Program Files\Zero G Registry
2007-08-28 20:56 --------- d-------- C:\Program Files\Peterson's
2007-08-28 17:31 --------- d-------- C:\Documents and Settings\Student\Application Data\Help
2007-08-23 22:10 --------- d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2007-08-23 22:09 --------- d-------- C:\Program Files\Common Files\Ahead
2007-08-23 22:06 --------- d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-08-21 15:44 --------- dr-h----- C:\Documents and Settings\Student\Application Data\yahoo!
2007-08-21 15:44 --------- d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-08-21 02:15 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-08-21 02:15 683520 --a------ C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 20:26 81920 --a------ C:\WINDOWS\system32\dpl100.dll
2007-08-20 20:26 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-08-15 18:33 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-08-15 18:33 43528 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-08-15 18:33 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-08-15 18:33 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-08-15 18:33 144704 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-08-15 18:33 129784 --a------ C:\WINDOWS\system32\pxafs.dll
2007-08-15 18:33 120056 --a------ C:\WINDOWS\system32\pxcpyi64.exe
2007-08-15 18:33 118520 --a------ C:\WINDOWS\system32\pxinsi64.exe
2007-08-15 18:33 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-08-15 18:31 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-08-15 18:31 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-08-15 18:31 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-08-15 18:31 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-08-15 18:31 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-08-15 18:31 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-08-15 18:30 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-08-15 18:30 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-08-15 18:30 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-08-15 18:30 740442 --a------ C:\WINDOWS\system32\DivX.dll
2007-08-15 18:30 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-08-06 17:29 73216 --------- C:\WINDOWS\ST6UNST.EXE
2007-08-06 17:29 286720 --------- C:\WINDOWS\Setup1.exe
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-19 02:59 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
.
((((((((((((((((((((((((((((( snapshot@2007-10-08_17.47.45.12 )))))))))))))))))))))))))))))))))))))))))
.
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
----a-w 683,520 2007-08-21 06:25:02 C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
-c----w 581,120 2004-08-04 13:00:00 C:\WINDOWS\$NtUninstallKB933729$\rpcrt4.dll
-c----w 248,320 2007-03-09 11:28:00 C:\WINDOWS\$NtUninstallKB933729$\xpsp3res.dll
-c----w 213,216 2005-10-12 23:12:26 C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe
-c----w 371,424 2005-10-12 23:12:33 C:\WINDOWS\$NtUninstallKB933729$\spuninst\updspapi.dll
-c----w 683,520 2007-05-16 15:12:02 C:\WINDOWS\$NtUninstallKB941202$\inetcomm.dll
-c----w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe
-c----w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$NtUninstallKB941202$\spuninst\updspapi.dll
----a-r 167,936 2007-10-11 07:50:38 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\accicons.exe
----a-r 34,304 2007-10-11 07:50:28 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\misc.exe
----a-r 8,192 2007-10-11 07:50:44 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
----a-r 3,584 2007-10-11 07:50:47 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
----a-r 114,688 2007-10-11 07:50:51 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\outicon.exe
----a-r 16,384 2007-10-11 07:50:31 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
----a-r 30,720 2007-10-11 07:50:34 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\pptico.exe
----a-r 22,528 2007-10-11 07:50:54 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
----a-r 45,056 2007-10-11 07:50:25 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
----a-r 90,112 2007-10-11 07:50:21 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
----a-r 167,936 2007-10-11 07:38:45 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
----a-r 81,920 2007-10-11 07:38:51 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
----a-r 34,304 2007-10-11 07:38:35 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
----a-r 8,192 2007-10-11 07:38:55 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
----a-r 3,584 2007-10-11 07:38:58 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
----a-r 114,688 2007-10-11 07:39:01 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
----a-r 16,384 2007-10-11 07:38:38 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
----a-r 30,720 2007-10-11 07:38:41 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
----a-r 22,528 2007-10-11 07:39:05 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
----a-r 45,056 2007-10-11 07:38:31 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
----a-r 90,112 2007-10-11 07:38:28 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
----a-w 14,048 2005-10-12 23:12:25 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\spmsg.dll
----a-w 213,216 2005-10-12 23:12:26 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\spuninst.exe
----a-w 584,192 2007-07-09 13:09:42 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2GDR\rpcrt4.dll
----a-w 115,712 2007-06-13 06:53:14 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2GDR\xpsp3res.dll
----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2QFE\rpcrt4.dll
----a-w 350,720 2007-06-19 07:24:36 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2QFE\xpsp3res.dll
----a-w 22,752 2005-10-12 23:12:25 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\spcustom.dll
----a-w 716,000 2005-10-12 23:12:28 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\update.exe
----a-w 371,424 2005-10-12 23:12:33 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\spuninst.exe
----a-w 124,928 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\advpack.dll
----a-w 214,528 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\dxtrans.dll
----a-w 132,608 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\extmgr.dll
----a-w 63,488 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\icardie.dll
----a-w 63,488 2007-08-17 10:20:54 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ie4uinit.exe
----a-w 153,088 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieakeng.dll
----a-w 230,400 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieaksie.dll
----a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieakui.dll
----a-w 383,488 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieapfltr.dll
----a-w 384,512 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iedkcs32.dll
----a-w 6,058,496 2007-08-20 10:04:37 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieframe.dll
----a-w 44,544 2007-08-20 10:04:38 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iernonce.dll
----a-w 267,776 2007-08-20 10:04:38 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iertutil.dll
----a-w 13,824 2007-08-17 10:20:54 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieudinit.exe
----a-w 625,152 2007-08-17 10:21:21 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iexplore.exe
----a-w 27,648 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\jsproxy.dll
----a-w 459,264 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msfeeds.dll
----a-w 52,224 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msfeedsbs.dll
----a-w 3,584,512 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mshtml.dll
----a-w 477,696 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mshtmled.dll
----a-w 193,024 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msrating.dll
----a-w 671,232 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mstime.dll
----a-w 102,400 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\occache.dll
----a-w 105,984 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\url.dll
----a-w 1,152,000 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\urlmon.dll
----a-w 232,960 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\webcheck.dll
----a-w 824,832 2007-08-20 10:04:43 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\wininet.dll
----a-w 124,928 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\advpack.dll
----a-w 214,528 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\dxtrans.dll
----a-w 132,608 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\extmgr.dll
----a-w 63,488 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\icardie.dll
----a-w 70,656 2007-08-17 10:12:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ie4uinit.exe
----a-w 153,088 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieakeng.dll
----a-w 230,400 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieaksie.dll
----a-w 161,792 2007-08-17 07:29:55 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieakui.dll
----a-w 2,455,488 2007-04-17 09:28:12 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieapfltr.dat
----a-w 383,488 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieapfltr.dll
----a-w 387,584 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iedkcs32.dll
----a-w 6,066,176 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieframe.dll
----a-w 44,544 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iernonce.dll
----a-w 267,776 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iertutil.dll
----a-w 13,824 2007-08-17 10:12:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieudinit.exe
----a-w 625,152 2007-08-17 10:12:49 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iexplore.exe
----a-w 27,648 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\jsproxy.dll
----a-w 459,264 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msfeeds.dll
----a-w 52,224 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msfeedsbs.dll
----a-w 3,592,192 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mshtml.dll
----a-w 478,208 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mshtmled.dll
----a-w 193,024 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msrating.dll
----a-w 671,232 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mstime.dll
----a-w 102,400 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\occache.dll
----a-w 105,984 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\url.dll
----a-w 1,161,728 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\urlmon.dll
----a-w 232,960 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\webcheck.dll
----a-w 825,344 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\wininet.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\spuninst.exe
----a-w 683,520 2007-08-21 06:15:44 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\sp2gdr\inetcomm.dll
----a-w 683,520 2007-08-21 06:25:02 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\sp2qfe\inetcomm.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\updspapi.dll
----a-w 18,089,592 2007-09-28 05:19:39 C:\WINDOWS\system32\MRT.exe
----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\system32\rpcrt4.dll
----a-w 350,720 2007-06-19 07:24:36 C:\WINDOWS\system32\xpsp3res.dll
----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\system32\dllcache\rpcrt4.dll
----a-w 212,021 2007-10-13 00:44:53 C:\WINDOWS\system32\inetsrv\MetaBase.bin
----a-w 213,048 2005-05-24 16:27:16 C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
----a-w 94,208 2007-08-29 19:47:20 C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
----a-w 950,272 2007-08-29 19:49:54 C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
----a-w 6,133,086 2007-10-12 13:01:07 C:\WINDOWS\system32\ZoneLabs\spyware.dat
----a-w 40,448 2007-10-13 02:04:48 C:\WINDOWS\system32\ZoneLabs\zlqrtdb.dat
----a-w 26,968 2007-10-13 02:04:04 C:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat
----atw 16,384 2007-10-09 02:25:00 C:\WINDOWS\Temp\Perflib_Perfdata_270.dat
----atw 16,384 2007-10-13 00:43:48 C:\WINDOWS\Temp\Perflib_Perfdata_42c.dat
.
----a-r 167,936 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\accicons.exe
----a-r 34,304 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\misc.exe
----a-r 8,192 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
----a-r 3,584 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
----a-r 114,688 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\outicon.exe
----a-r 16,384 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
----a-r 30,720 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\pptico.exe
----a-r 22,528 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
----a-r 45,056 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
----a-r 90,112 2007-08-15 03:15:05 C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
----a-r 167,936 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
----a-r 81,920 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
----a-r 34,304 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
----a-r 8,192 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
----a-r 3,584 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
----a-r 114,688 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
----a-r 16,384 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
----a-r 30,720 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
----a-r 22,528 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
----a-r 45,056 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
----a-r 90,112 2007-08-15 03:14:56 C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
----a-w 17,474,680 2007-09-06 02:50:42 C:\WINDOWS\system32\MRT.exe
------w 581,120 2004-08-04 13:00:00 C:\WINDOWS\system32\rpcrt4.dll
----a-w 248,320 2007-03-09 11:28:00 C:\WINDOWS\system32\xpsp3res.dll
----a-w 581,120 2004-08-04 13:00:00 C:\WINDOWS\system32\dllcache\rpcrt4.dll
----a-w 212,022 2007-10-08 19:44:06 C:\WINDOWS\system32\inetsrv\MetaBase.bin
----a-w 5,881,300 2007-10-08 16:01:11 C:\WINDOWS\system32\ZoneLabs\spyware.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6BC0AC60-C81B-43F1-B250-B3A6CBF3829F}]
C:\Program Files\Common Files\hokeC:\WINDOWS\system32\Y1\gb83122.exe.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 16:14]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:00]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 13:39]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"configmsi"=cmd /c "rmdir /q C:\config.msi"
"supportdir"=cmd /c "rmdir /q /s "C:\WINDOWS\TEMP\{48227AEB-DC8E-4A90-A274-0B4A39D699B1}""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"Registration"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
C:\Program Files\Lenovo\AwayTask\AwayNotify.dll 2006-03-23 06:03 49152 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qomkjgg]
qomkjgg.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
notifyf2.dll 2005-07-06 03:45 28672 C:\WINDOWS\system32\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll 2005-12-01 00:16 24576 C:\WINDOWS\system32\tphklock.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Student^Start Menu^Programs^Startup^TA_Start.lnk]
path=C:\Documents and Settings\Student\Start Menu\Programs\Startup\TA_Start.lnk
backup=C:\WINDOWS\pss\TA_Start.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch]
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLOG]
rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
"C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
"C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
C:\WINDOWS\system32\hphmon05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
C:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS Software Removal]
C:\Removal.bat -5 18 2009
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
"C:\Program Files\Norton AntiVirus\osCheck.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRMGRTR]
rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\runner1]
C:\WINDOWS\retadpu1000106.exe 61A847B5BBF72813329B385772FF01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchIndexer]
rundll32.exe "C:\WINDOWS\system32\rgpordkb.dll",sitypnow
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TP4EX]
tp4ex.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPHOTKEY]
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPKBDLED]
C:\WINDOWS\system32\TpScrLk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPKMAPHELPER]
C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TpShocks]
TpShocks.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebBuying]
C:\Program Files\Web Buying\v1.8.4\webbuying.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAble]
C:\Program Files\WinAble\winable.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winshow]
"C:\WINDOWS\winshow.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0F-F4-48-8D-ZN}]
C:\DOCUME~1\Student\LOCALS~1\Temp\thinksnet.exe CHD003
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SymAppCore"=2 (0x2)
"Symantec Core LC"=3 (0x3)
"ISPwdSvc"=3 (0x3)
"CLTNetCnService"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"Automatic LiveUpdate Scheduler"=2 (0x2)
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
S3 actccid;ActivCard USB Reader V2;C:\WINDOWS\system32\DRIVERS\actccid.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
AutoRun\command - M:\GREsetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{854b81e4-ba4f-11db-9896-0019d20603a9}]
AutoRun\command - E:\setupSNK.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{AC28C03E-59E3-3AE7-51CC-90EBFBB2C521}]
C:\WINDOWS\system32:mirc.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-09-14 23:11:12 C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#7600#MY3AI3225PK3.job"
- C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
"2007-10-13 01:31:54 C:\WINDOWS\Tasks\HP Usg Daily.job"
"2007-10-13 01:29:38 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
"2007-09-28 13:40:43 C:\WINDOWS\Tasks\PMTask.job"
"2007-10-11 17:06:01 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2007-06-23 17:06:08 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-12 22:17:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-13 1:14:42
C:\ComboFix-quarantined-files.txt ... 2007-10-13 01:14
C:\ComboFix2.txt ... 2007-10-08 17:50
.
--- E O F ---
Here is a new HJThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:24:32 AM, on 10/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\adm\IUService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Documents and Settings\Student\My Documents\HJTHIS\teeman.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dogpile.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {6BC0AC60-C81B-43F1-B250-B3A6CBF3829F} - C:\Program Files\Common Files\hokeC:\WINDOWS\system32\Y1\gb83122.exe.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [configmsi] cmd /c "rmdir /q C:\config.msi" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [supportdir] cmd /c "rmdir /q /s "C:\WINDOWS\TEMP\{48227AEB-DC8E-4A90-A274-0B4A39D699B1}"" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [configmsi] cmd /c "rmdir /q C:\config.msi" (User 'Default user')
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/us/en/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 2920757109
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2915373484
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: qomkjgg - qomkjgg.dll (file missing)
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\adm\IUService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
--
End of file - 11763 bytes