ComboFix 08-04-15.8 - HP_Owner 2008-04-16 16:52:33.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.607 [GMT -4:00]
Running from: C:\Documents and Settings\HP_Owner\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\HP_Owner\Application Data\STEM32~1
C:\Documents and Settings\HP_Owner\Start Menu\Programs\Internet Speed Monitor
C:\Documents and Settings\HP_Owner\Start Menu\Programs\Internet Speed Monitor\Check Now.lnk
C:\Documents and Settings\HP_Owner\Start Menu\Programs\Internet Speed Monitor\Uninstall.lnk
C:\Documents and Settings\HP_Owner\Start Menu\Programs\Outerinfo
C:\Documents and Settings\HP_Owner\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\HP_Owner\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Program Files\akl
C:\Program Files\akl\akl.dll
C:\Program Files\akl\akl.exe
C:\Program Files\akl\curlog.htm
C:\Program Files\akl\keylog.txt
C:\Program Files\akl\readme.txt
C:\Program Files\akl\uninstall.exe
C:\Program Files\akl\unsetup.dat
C:\Program Files\akl\unsetup.exe
C:\Program Files\amsys
C:\Program Files\amsys\awmsg.dat
C:\Program Files\amsys\guid.dat
C:\Program Files\amsys\ijl15.dll
C:\Program Files\amsys\mfc42.dll
C:\Program Files\amsys\msvcrt.dll
C:\Program Files\amsys\unins000.dat
C:\Program Files\amsys\unis000.exe
C:\Program Files\amsys\winam.dat
C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe
C:\Program Files\internet explorer\msimg32.dll
C:\Program Files\ISM
C:\Program Files\ISM\ism.exe
C:\Program Files\ISM\Uninstall.exe
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\outerinfo\FF\install.rdf
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\p2pnetworks
C:\Program Files\p2pnetworks\amp2pl.exe
C:\Program Files\QdrDrive
C:\Program Files\QdrDrive\qdrloader.exe
C:\Program Files\QdrModule
C:\Program Files\QdrModule\dic.gz
C:\Program Files\QdrModule\kwd.gz
C:\Program Files\QdrModule\QdrModule13.exe
C:\Program Files\QdrPack
C:\Program Files\QdrPack\dicts.gz
C:\Program Files\QdrPack\QdrPack13.exe
C:\Program Files\QdrPack\trgts.gz
C:\Program Files\RABCO
C:\Program Files\RABCO\ExecutionDll.dll
C:\Program Files\RABCO\RABCO.dll.intermediate.manifest
C:\Program Files\RABCO\RABCOse.exe
C:\Program Files\RABCO\RABCOse.info
C:\Program Files\RABCO\RABCOse.original
C:\Program Files\RABCO\Setup.log
C:\Program Files\RABCO\un_RABCOSetup_16230.exe
C:\Program Files\RABCO\un_RABCOSetup_16230.txt
C:\Program Files\RABCO\X_RABCOse.exe
C:\Program Files\RABCO\X_RABCOse.log
C:\Program Files\web buying
C:\Program Files\web buying\v1.8.8\wbuninst.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\sanR24
C:\Temp\sanR24\lDii.log
C:\temp\tn3
C:\WINDOWS\764.exe
C:\WINDOWS\7search.dll
C:\WINDOWS\absolute key logger.lnk
C:\WINDOWS\aconti.exe
C:\WINDOWS\aconti.ini
C:\WINDOWS\aconti.log
C:\WINDOWS\aconti.sdb
C:\WINDOWS\acontidialer.txt
C:\WINDOWS\adbar.dll
C:\WINDOWS\cbinst$.exe
C:\WINDOWS\daxtime.dll
C:\WINDOWS\default.htm
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\dp0.dll
C:\WINDOWS\eventlowg.dll
C:\WINDOWS\fhfmm-Uninstaller.exe
C:\WINDOWS\fhfmm.exe
C:\WINDOWS\flt.dll
C:\WINDOWS\hcwprn.exe
C:\WINDOWS\hotporn.exe
C:\WINDOWS\IA
C:\WINDOWS\ie_32.exe
C:\WINDOWS\iexplorr23.dll
C:\WINDOWS\jd2002.dll
C:\WINDOWS\kkcomp$.exe
C:\WINDOWS\kkcomp.dll
C:\WINDOWS\kkcomp.exe
C:\WINDOWS\kvnab$.exe
C:\WINDOWS\kvnab.dll
C:\WINDOWS\kvnab.exe
C:\WINDOWS\liqad$.exe
C:\WINDOWS\liqad.dll
C:\WINDOWS\liqad.exe
C:\WINDOWS\liqui-Uninstaller.exe
C:\WINDOWS\liqui.dll
C:\WINDOWS\liqui.exe
C:\WINDOWS\ngd.dll
C:\WINDOWS\pbar.dll
C:\WINDOWS\pbsysie.dll
C:\WINDOWS\settn.dll
C:\WINDOWS\spredirect.dll
C:\WINDOWS\stem32~1
C:\WINDOWS\system32\acespy
C:\WINDOWS\system32\acespy\systune.exe
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\i8042prtt.sys
C:\WINDOWS\system32\ESHOPEE.exe
C:\WINDOWS\system32\iDlo01
C:\WINDOWS\system32\msole32.exe
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\qqstv.ini
C:\WINDOWS\system32\qqstv.ini2
C:\WINDOWS\system32\smante~1
C:\WINDOWS\system32\smante~1\S?mantec\
C:\WINDOWS\system32\vxddsk.exe
C:\WINDOWS\system32\winfrun32.bin
C:\WINDOWS\system32\wml.exe
C:\WINDOWS\vxddsk.exe
C:\WINDOWS\wbeCheck.exe
C:\WINDOWS\wbeInst$.exe
C:\WINDOWS\wml.exe
C:\WINDOWS\xadbrk.dll
C:\WINDOWS\xadbrk.exe
C:\WINDOWS\xadbrk_.exe
C:\WINDOWS\xxxvideo.exe
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CMDSERVICE
-------\Legacy_I8042PRTT
-------\Legacy_NETWORK_MONITOR
-------\Service_i8042prtt
((((((((((((((((((((((((( Files Created from 2008-03-16 to 2008-04-16 )))))))))))))))))))))))))))))))
.
2008-04-11 06:48 . 2008-04-11 06:48 127 --a------ C:\WINDOWS\system32\MRT.INI
2008-04-07 17:38 . 2008-04-07 17:38 10,752 --a------ C:\WINDOWS\DCEBoot.exe
2008-04-07 17:11 . 2008-04-07 17:11 <DIR> d-------- C:\WINDOWS\system32\bharebio01
2008-04-07 17:11 . 2008-04-07 17:11 <DIR> d-------- C:\Temp\wdlw14
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-21 21:42 --------- d-----w C:\Program Files\Trend Micro
2008-03-09 13:50 6,656 ----a-w C:\WINDOWS\trictions.dll
2008-03-08 21:32 --------- d-----w C:\Program Files\Batco
2008-03-05 23:02 --------- d-----w C:\Program Files\WildTangent
2008-03-03 03:16 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-03 03:09 --------- d-----w C:\Program Files\Spyware Killer Pro
2008-03-03 03:09 --------- d-----w C:\Program Files\Setup NetZero
2008-03-03 03:09 --------- d-----w C:\Program Files\Common Files\MimarSinan
2008-03-03 03:09 --------- d-----w C:\Program Files\clean xp
2008-03-03 02:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Rabio
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{48FCC56B-34CF-4521-AA65-F206692D19C9}]
C:\WINDOWS\system32\vtsqq.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2005-02-25 16:17 32881]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 12:04 52736]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [2004-03-18 03:10 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-11-02 11:59 126976]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 13:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 14:53 49152]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 14:42 659456]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 15:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 16:43 233472]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-25 17:17 90112]
"SoundMan"="SOUNDMAN.EXE" [2004-10-13 17:01 77824 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2004-10-13 19:17 2742272 C:\WINDOWS\ALCWZRD.EXE]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 17:54 253952]
"Trend Micro AntiVirus 2007"="C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe" [2007-07-05 20:09 4609288]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-02-25 16:39 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-02-25 16:45 98304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 16:38 39264]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-05 06:28:24 258048]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 04:15:54 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvuspnn]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2004-10-14 03:04 278528 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\thirdintel]
--a------ 1999-11-07 02:11 27136 c:\hp\bin\cloaker.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"C:\\Program Files\\PhotoParade\\PhotoParade.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Spyware Killer Pro\\StealthSurf\\StealthSurf.exe"=
R3 CBBCM43;BUFFALO WLI-CB-XXX Series Wireless LAN Adapter;C:\WINDOWS\system32\DRIVERS\CBG54.sys [2005-11-01 04:13]
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys [2004-03-12 20:38]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{946850c5-1e27-11d9-baf0-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-04-16 20:57:54 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-03-21 22:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-04-16 16:57:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\TEMP\TMP000000214A9DC63268DC9E63 524288 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
C:\Program Files\Trend Micro\AntiVirus 2007\components\TmProxy.exe
C:\Program Files\Trend Micro\Tmasy\Tmasy.exe
.
**************************************************************************
.
Completion time: 2008-04-16 16:58:44 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-16 20:58:41
Pre-Run: 293,735,854,080 bytes free
Post-Run: 293,663,379,456 bytes free
.
2008-04-15 22:13:31 --- E O F ---
HERE'S THE HIJACKTHIS LOG:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:29:44 PM, on 4/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Trend Micro\Tmasy\Tmasy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\HP_Owner\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {48FCC56B-34CF-4521-AA65-F206692D19C9} - C:\WINDOWS\system32\vtsqq.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Trend Micro AntiVirus 2007] C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe -1 --delay 15
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Bat - Auto Update.lnk = C:\Program Files\Batco\bat.exe
O4 - Startup: RABCO - Auto Update.lnk = C:\QooBox\Quarantine\C\Program Files\RABCO\RABCOse.exe.vir
O4 - Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmasy\Tmasy.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://photo.walgreens.com/WalgreensActivia.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace.com/upload/MySpaceUploader1006.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w2/pr02/re ... NPUpld.cabO16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVCDownloadControl) -
http://download.games.yahoo.com/games/w ... ontrol.cabO16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) -
http://download.games.yahoo.com/games/w ... d/main.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://download.games.yahoo.com/games/w ... der_v6.cabO20 - Winlogon Notify: wvuspnn - C:\WINDOWS\
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Trend Micro AntiVirus Protection Service (tavsvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe
--
End of file - 7308 bytes