I didn't have to end any processes; it did take around 20 minutes. After the log was created, the screen froze and I had to restart before running HijackThis.
ComboFix 08-12-24.01 - Abria Laél 2008-12-24 14:48:10.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.468 [GMT -5:00]
Running from: c:\documents and settings\Abria Laél\Desktop\ComboFix.exe
Command switches used :: c:\program files\Trend Micro\HijackThis\CFScript.txt
* Created a new restore point
FILE ::
c:\documents and settings\Abria Laél\gif.exe
c:\windows\system32\bmwniahj.dll
C:\x.bat
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Abria Laél\Application Data\uTorrent
c:\documents and settings\Abria Laél\Application Data\uTorrent\dht.dat
c:\documents and settings\Abria Laél\Application Data\uTorrent\dht.dat.old
c:\documents and settings\Abria Laél\Application Data\uTorrent\resume.dat
c:\documents and settings\Abria Laél\Application Data\uTorrent\resume.dat.old
c:\documents and settings\Abria Laél\Application Data\uTorrent\rss.dat
c:\documents and settings\Abria Laél\Application Data\uTorrent\rss.dat.old
c:\documents and settings\Abria Laél\Application Data\uTorrent\settings.dat
c:\documents and settings\Abria Laél\Application Data\uTorrent\settings.dat.old
c:\documents and settings\Abria Laél\Application Data\uTorrent\The Princess Bride Game - Experience true love high adventure and 5 games-in-one_.torrent
c:\documents and settings\Abria Laél\gif.exe
c:\program files\BitComet
c:\program files\BitComet\fav\fav_bg_bg.xml
c:\program files\BitComet\fav\fav_ca_es.xml
c:\program files\BitComet\fav\fav_en_us.xml
c:\program files\BitComet\fav\fav_es_es.xml
c:\program files\BitComet\fav\fav_fi_fi.xml
c:\program files\BitComet\fav\fav_he_il.xml
c:\program files\BitComet\fav\fav_hu_hu.xml
c:\program files\BitComet\fav\fav_it_it.xml
c:\program files\BitComet\fav\fav_jp_jp.xml
c:\program files\BitComet\fav\fav_ko_kr.xml
c:\program files\BitComet\fav\fav_nl_nl.xml
c:\program files\BitComet\fav\fav_pl_pl.xml
c:\program files\BitComet\fav\fav_pt_br.xml
c:\program files\BitComet\fav\fav_pt_pt.xml
c:\program files\BitComet\fav\fav_ru_ru.xml
c:\program files\BitComet\fav\fav_sl_si.xml
c:\program files\BitComet\fav\fav_th_th.xml
c:\program files\BitComet\fav\fav_va_es.xml
c:\program files\BitComet\fav\fav_vi_vn.xml
c:\program files\BitComet\fav\fav_zh_cn.xml
c:\program files\BitComet\fav\fav_zh_tw.xml
c:\program files\BitComet\fav\HowTo-AddYourSite.txt
c:\program files\BitComet\fav\my_fav.xml
c:\program files\BitComet\fav\search_en_us.mht
c:\program files\BitComet\fav\search_zh_cn.mht
c:\program files\BitComet\lang\HowTo-Translate.txt
c:\program files\BitComet\lang\lang_ar_ae.xml
c:\program files\BitComet\lang\lang_bg_bg.xml
c:\program files\BitComet\lang\lang_ca_es.xml
c:\program files\BitComet\lang\lang_cz_cz.xml
c:\program files\BitComet\lang\lang_da_dk.xml
c:\program files\BitComet\lang\lang_de_de.xml
c:\program files\BitComet\lang\lang_el_gr.xml
c:\program files\BitComet\lang\lang_en_us.xml
c:\program files\BitComet\lang\lang_es_ar.xml
c:\program files\BitComet\lang\lang_es_es.xml
c:\program files\BitComet\lang\lang_et_ee.xml
c:\program files\BitComet\lang\lang_fi_fi.xml
c:\program files\BitComet\lang\lang_fr_fr.xml
c:\program files\BitComet\lang\lang_gl_es.xml
c:\program files\BitComet\lang\lang_he_il.xml
c:\program files\BitComet\lang\lang_hu_hu.xml
c:\program files\BitComet\lang\lang_it_it.xml
c:\program files\BitComet\lang\lang_jp_jp.xml
c:\program files\BitComet\lang\lang_ko_kr.xml
c:\program files\BitComet\lang\lang_nb_no.xml
c:\program files\BitComet\lang\lang_nl_nl.xml
c:\program files\BitComet\lang\lang_pl_pl.xml
c:\program files\BitComet\lang\lang_pt_br.xml
c:\program files\BitComet\lang\lang_pt_pt.xml
c:\program files\BitComet\lang\lang_ro_ro.xml
c:\program files\BitComet\lang\lang_ru_ru.xml
c:\program files\BitComet\lang\lang_sk_sk.xml
c:\program files\BitComet\lang\lang_sl_si.xml
c:\program files\BitComet\lang\lang_sr_sr.xml
c:\program files\BitComet\lang\lang_sv_se.xml
c:\program files\BitComet\lang\lang_th_th.xml
c:\program files\BitComet\lang\lang_tr_tr.xml
c:\program files\BitComet\lang\lang_va_es.xml
c:\program files\BitComet\lang\lang_vi_vn.xml
c:\program files\BitComet\lang\lang_zh_cn.xml
c:\program files\BitComet\lang\lang_zh_tw.xml
c:\program files\BitComet\rules\ipfilter.dat
c:\windows\system32\bmwniahj.dll
C:\x.bat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_WudfRdd
((((((((((((((((((((((((( Files Created from 2008-11-24 to 2008-12-24 )))))))))))))))))))))))))))))))
.
2008-12-24 09:54 . 2008-10-03 05:02 247,326 --------- c:\windows\system32\dllcache\strmdll.dll
2008-12-24 09:17 . 2008-12-24 09:17 <DIR> d-------- c:\documents and settings\Abria Laél\Application Data\McAfee
2008-12-23 18:28 . 2008-12-23 19:43 <DIR> d-------- c:\program files\EasyScript
2008-12-23 18:22 . 2008-12-23 18:22 4,390,831 --a------ c:\program files\attachments_2008_12_23.zip
2008-12-23 09:52 . 2008-12-23 09:52 1,615,442 --a------ c:\program files\ProcessExplorer.zip
2008-12-23 01:48 . 2008-12-23 01:49 <DIR> d-------- c:\program files\Image Mender
2008-12-23 00:59 . 2008-12-24 14:58 8,601 --a------ c:\windows\system32\Config.MPF
2008-12-23 00:58 . 2006-03-03 08:07 143,360 --a------ c:\windows\system32\dunzip32.dll
2008-12-23 00:55 . 2007-11-22 06:44 201,320 --a------ c:\windows\system32\drivers\mfehidk.sys
2008-12-23 00:55 . 2007-11-22 06:44 79,304 --a------ c:\windows\system32\drivers\mfeavfk.sys
2008-12-23 00:55 . 2007-12-02 12:51 40,488 --a------ c:\windows\system32\drivers\mfesmfk.sys
2008-12-23 00:55 . 2007-11-22 06:44 35,240 --a------ c:\windows\system32\drivers\mfebopk.sys
2008-12-23 00:55 . 2007-11-22 06:44 33,832 --a------ c:\windows\system32\drivers\mferkdk.sys
2008-12-23 00:54 . 2008-12-23 00:54 <DIR> d-------- c:\program files\McAfee.com
2008-12-23 00:54 . 2008-12-23 00:55 <DIR> d-------- c:\program files\Common Files\McAfee
2008-12-23 00:54 . 2007-07-13 06:20 113,952 --a------ c:\windows\system32\drivers\Mpfp.sys
2008-12-23 00:53 . 2008-12-23 14:49 <DIR> d-------- c:\program files\McAfee
2008-12-23 00:47 . 2008-12-24 09:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\McAfee
2008-12-22 17:11 . 2008-12-22 17:11 <DIR> d-------- c:\program files\Bonjour
2008-12-21 14:14 . 2008-12-21 14:14 <DIR> d-------- c:\program files\Shockwave.com
2008-12-21 07:08 . 2008-12-21 07:06 165,454 --a------ c:\windows\system32\raidmg.dll
2008-12-20 15:26 . 2008-12-20 15:26 <DIR> d-------- c:\program files\Typing Assistant (English) 4.2
2008-12-19 12:07 . 2008-12-19 12:07 <DIR> d--hs---- c:\windows\ftpcache
2008-12-19 12:06 . 2008-12-19 12:09 <DIR> d-------- c:\program files\Show.kit 2.1
2008-12-17 10:10 . 2008-12-17 10:10 <DIR> d-------- c:\documents and settings\Abria Laél\Application Data\DDWidget
2008-12-17 10:09 . 2008-12-17 10:09 <DIR> d-------- c:\program files\BrainexSoft
2008-12-17 10:09 . 2008-12-17 10:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\IsolatedStorage
2008-12-16 15:31 . 2008-12-16 15:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\PBGsavesDirectory
2008-12-16 15:18 . 2008-12-23 04:52 <DIR> d-------- c:\program files\The Princess Bride
2008-12-16 15:08 . 2008-12-16 15:08 <DIR> d-------- c:\program files\bfgclient
2008-12-16 15:04 . 2008-12-16 15:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2008-12-16 11:20 . 2008-12-16 11:20 126,976 --a------ c:\windows\lcmmfu.cpl
2008-12-16 11:20 . 2008-12-16 11:20 48,640 --a------ c:\windows\mmfs.dll
2008-12-16 11:20 . 2008-12-16 11:20 2,560 --a------ c:\windows\Runservice.exe
2008-12-16 11:20 . 2008-12-24 14:57 1,273 --ahs---- c:\windows\system32\mmf.sys
2008-12-16 11:14 . 2008-12-16 11:14 <DIR> d-------- c:\program files\Worldwide Biggies
2008-12-16 10:22 . 2008-12-16 10:22 <DIR> d-------- c:\program files\Crossword Writer
2008-12-16 10:21 . 2008-12-16 10:21 <DIR> d-------- c:\program files\Babble Deluxe
2008-12-14 23:55 . 2008-12-14 23:55 664 --a------ c:\windows\system32\d3d9caps.dat
2008-12-12 11:55 . 2008-12-12 11:55 0 --a------ c:\windows\wlist
2008-12-12 11:55 . 2008-12-12 11:55 0 --a------ c:\windows\hlist
2008-12-12 11:53 . 2008-12-12 11:53 <DIR> d-------- c:\windows\HMF
2008-12-12 11:18 . 2008-12-12 11:18 87,336 --a------ c:\windows\system32\dns-sd.exe
2008-12-12 11:11 . 2008-12-12 11:11 61,440 --a------ c:\windows\system32\dnssd.dll
2008-12-11 11:47 . 2008-12-11 11:47 <DIR> d-------- c:\documents and settings\Abria Laél\Contacts
2008-12-11 11:47 . 2008-12-11 11:47 <DIR> d-------- c:\documents and settings\Abria Laél\Contacts
2008-12-11 11:38 . 2008-12-11 11:38 268 --ah----- C:\sqmdata06.sqm
2008-12-11 11:38 . 2008-12-11 11:38 244 --ah----- C:\sqmnoopt06.sqm
2008-12-10 15:27 . 2008-12-10 15:27 <DIR> d-------- c:\program files\Consumer Input Rewarded with MyPoints, Consumer Input
2008-12-10 15:27 . 2008-12-10 15:27 <DIR> d-------- c:\documents and settings\Abria Laél\Application Data\compete
2008-12-10 13:47 . 2008-12-10 13:47 <DIR> d-------- c:\program files\FormatFactory
2008-12-10 11:26 . 2008-12-10 11:26 <DIR> d-------- c:\program files\Eltima Software
2008-12-10 11:26 . 2008-12-10 11:26 <DIR> d-------- c:\documents and settings\Abria Laél\Application Data\Eltima Software
2008-12-10 11:26 . 2007-12-02 14:13 40,960 --a------ c:\windows\wavdest.ax
2008-12-10 06:21 . 2008-12-10 06:21 268 --ah----- C:\sqmdata05.sqm
2008-12-10 06:21 . 2008-12-10 06:21 244 --ah----- C:\sqmnoopt05.sqm
2008-12-10 01:06 . 2008-12-10 01:06 268 --ah----- C:\sqmdata04.sqm
2008-12-10 01:06 . 2008-12-10 01:06 244 --ah----- C:\sqmnoopt04.sqm
2008-12-09 14:56 . 2008-12-09 14:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\SiComponents
2008-12-09 14:55 . 2008-12-09 14:55 <DIR> d-------- c:\program files\SiComponents
2008-12-09 14:35 . 2008-12-19 15:15 <DIR> d-------- c:\documents and settings\Abria Laél\Application Data\eMusic
2008-12-09 14:32 . 2008-12-19 15:15 <DIR> d-------- c:\program files\eMusic Download Manager
2008-12-09 14:32 . 2008-12-19 13:34 <DIR> d-------- c:\program files\eMusic
2008-12-08 22:40 . 2008-12-08 22:46 617 --a------ c:\windows\tlknw20.ini
2008-12-08 08:27 . 2008-12-08 08:27 268 --ah----- C:\sqmdata03.sqm
2008-12-08 08:27 . 2008-12-08 08:27 244 --ah----- C:\sqmnoopt03.sqm
2008-12-08 08:16 . 2008-11-04 10:41 339,968 --a------ c:\windows\system32\MP3Enc.dll
2008-12-08 08:16 . 2008-11-04 10:41 77,824 --a------ c:\windows\system32\wavdest.ax
2008-12-07 15:56 . 2008-12-07 15:56 552 --a------ c:\windows\system32\d3d8caps.dat
2008-12-07 07:52 . 2008-12-07 07:52 <DIR> d-------- c:\program files\TechSmith
2008-12-07 07:52 . 2006-06-15 03:12 45,056 --a------ c:\windows\system32\CSvidcap.dll
2008-12-07 07:52 . 2008-12-07 07:52 268 --ah----- C:\sqmdata02.sqm
2008-12-07 07:52 . 2008-12-07 07:52 244 --ah----- C:\sqmnoopt02.sqm
2008-12-07 07:49 . 2008-12-24 09:32 <DIR> d-------- C:\Temp
2008-12-07 06:40 . 2008-12-23 01:33 <DIR> d-------- c:\program files\Total Network Monitor
2008-12-06 12:27 . 2008-12-06 12:27 8,628 --ah----- c:\windows\PLAYENU.GID
2008-12-06 12:25 . 2008-12-06 12:25 46 --a------ c:\windows\QTW.QTW
2008-12-05 23:16 . 2008-12-05 23:16 268 --ah----- C:\sqmdata01.sqm
2008-12-05 23:16 . 2008-12-05 23:16 244 --ah----- C:\sqmnoopt01.sqm
2008-12-05 23:07 . 2008-12-06 12:25 748 --a------ c:\windows\WININI.QTW
2008-12-05 23:07 . 2008-12-06 12:25 254 --a------ c:\windows\SYSINI.QTW
2008-12-05 22:51 . 2008-12-05 22:51 268 --ah----- C:\sqmdata00.sqm
2008-12-05 22:51 . 2008-12-05 22:51 244 --ah----- C:\sqmnoopt00.sqm
2008-12-05 21:21 . 2008-12-05 22:51 13,030 --a------ C:\PDOXUSRS.NET
2008-12-05 21:20 . 2008-12-05 21:20 <DIR> d-------- c:\program files\Trinity Software, Inc
2008-12-05 09:25 . 2008-12-05 09:27 <DIR> d-------- c:\program files\Windows Live
2008-12-05 09:25 . 2008-12-05 09:26 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-12-05 09:24 . 2008-12-05 09:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-12-05 08:29 . 2008-12-05 08:29 <DIR> d-------- c:\program files\AnVir Task Manager
2008-12-04 09:11 . 2008-12-04 09:22 <DIR> d-------- c:\program files\project dogwaffle
2008-12-04 09:11 . 1999-05-06 23:00 244,232 --a------ c:\windows\system32\MSFLXGRD.OCX
2008-12-04 09:11 . 1998-11-03 10:45 94,208 --a------ c:\windows\system32\MsStkPrp.dll
2008-12-03 02:05 . 2008-12-03 02:09 <DIR> d-------- c:\program files\SoftDawn
2008-12-01 11:52 . 2008-12-01 11:52 <DIR> d-------- c:\program files\Windows Automation Macro Recorder
2008-11-30 11:50 . 2008-11-30 11:50 <DIR> d-------- c:\program files\ArzooSoft Solutions
2008-11-30 11:48 . 2008-11-28 00:24 414,665 --a------ C:\Setup-mfe.exe
2008-11-29 07:58 . 2008-11-29 07:58 <DIR> d-------- c:\program files\RemoteObserver
2008-11-29 07:57 . 2008-11-29 07:57 <DIR> d-------- c:\program files\RemoteObserverClient
2008-11-28 22:20 . 2008-11-28 22:20 <DIR> d-------- c:\program files\eBook Maestro FREE
2008-11-28 22:19 . 2008-11-28 22:19 <DIR> d-------- C:\vv
2008-11-28 20:02 . 2008-11-28 20:02 <DIR> d-------- C:\ebookswriter
2008-11-27 23:52 . 2008-11-27 23:52 <DIR> d-------- C:\Teach2000
2008-11-26 09:57 . 2008-11-26 09:57 <DIR> d-------- c:\documents and settings\LocalService\Application Data\agi
2008-11-26 08:26 . 2008-11-26 08:27 <DIR> d-------- c:\program files\Linkman
2008-11-25 22:18 . 2008-11-26 08:20 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-25 22:18 . 2008-11-26 09:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-25 10:24 . 2008-11-25 10:27 <DIR> d-------- c:\program files\MultiStage Recovery
2008-11-24 17:35 . 2008-11-24 17:36 <DIR> d-------- c:\program files\iTunes
2008-11-24 17:35 . 2008-11-24 17:35 <DIR> d-------- c:\program files\iPod
2008-11-24 17:35 . 2008-11-24 17:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-24 08:21 . 2008-11-24 08:25 <DIR> d-------- c:\program files\Smart Diary Suite 4
2008-11-24 01:25 . 2008-11-24 01:25 <DIR> d-------- c:\documents and settings\Guest\Application Data\EAST Technologies
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-24 20:00 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-24 20:00 --------- d-----w c:\program files\Chameleon Clock
2008-12-24 18:09 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-12-24 18:05 --------- d-----w c:\program files\East-Tec Eraser 2008
2008-12-23 05:19 --------- d-----w c:\program files\Trend Micro
2008-12-21 17:55 --------- d-----w c:\program files\QuickTime
2008-12-20 21:12 --------- d-----w c:\program files\Type Booster
2008-12-19 20:22 --------- d-----w c:\program files\Diplodock Company
2008-12-19 19:22 16,384 ----a-w c:\windows\DCEBoot.exe
2008-12-18 19:52 --------- d-----w c:\program files\Wondershare
2008-12-15 16:21 --------- d-----w c:\program files\AllMedia Grabber
2008-12-12 17:01 --------- d-----w c:\program files\Hide Wizard
2008-12-10 15:31 --------- d-----w c:\program files\PDF to Image
2008-12-10 06:23 --------- d-----w c:\program files\Common Files\Adobe
2008-12-06 17:22 --------- d-----w c:\program files\American Sign Language
2008-12-06 15:56 --------- d-----w c:\program files\Encsoft
2008-12-04 16:45 2,874 ----a-w c:\documents and settings\Abria Laél\Application Data\SAS7_000.DAT
2008-12-03 17:24 --------- d-----w c:\documents and settings\All Users\Application Data\WholeSecurity
2008-11-28 04:22 --------- d-----w c:\program files\Teach2000
2008-11-27 17:50 --------- d-----w c:\program files\BinaryMark
2008-11-26 14:57 --------- d-----w c:\program files\Webshots
2008-11-26 13:58 --------- d-----w c:\program files\Free Offers from Freeze.com
2008-11-26 13:24 --------- d-----w c:\program files\GridinSoft
2008-11-26 13:23 --------- d-----w c:\documents and settings\Abria Laél\Application Data\Easy Macro Recorder
2008-11-24 22:35 --------- d-----w c:\program files\Common Files\Apple
2008-11-24 22:19 --------- d-----w c:\program files\Safari
2008-11-23 17:45 --------- d-----w c:\program files\Astro Gemini Software
2008-11-22 15:15 33,824 ----a-w c:\windows\system32\drivers\oreans32.sys
2008-11-22 15:15 --------- d-----w c:\documents and settings\Abria Laél\Application Data\SpellQuizzer
2008-11-22 15:13 --------- d-----w c:\program files\SpellQuizzer
2008-11-20 14:55 --------- d-----w c:\program files\Daniusoft
2008-11-17 19:38 --------- d-----w c:\program files\FreeGamePick.com
2008-11-16 17:54 --------- d-----w c:\program files\MegaSign Trial_V1.4
2008-11-16 13:14 --------- d-----w c:\program files\The Lost Watch 3D Screensaver
2008-11-15 14:49 --------- d-----w c:\program files\Digital Physiognomy
2008-11-10 14:07 --------- d-----w c:\program files\Microsoft ActiveSync
2008-11-10 09:24 --------- d-----w c:\program files\Vidroid
2008-11-09 14:08 --------- d-----w c:\program files\HotHotSoftwareFullVersion
2008-11-08 22:28 --------- d-----w c:\program files\easycalendarmaker
2008-11-08 22:23 --------- d-----w c:\program files\Realore
2008-11-07 15:33 --------- d-----w c:\documents and settings\Abria Laél\Application Data\Conceptworld
2008-11-07 15:32 --------- d-----w c:\program files\Conceptworld
2008-11-06 15:57 --------- d-----w c:\program files\Teknia
2008-11-06 14:08 --------- d-----w c:\program files\Uconomix
2008-11-06 04:19 --------- d-----w c:\program files\NoteAttack
2008-11-05 21:31 --------- d-----w c:\documents and settings\Abria Laél\Application Data\agi
2008-11-05 14:21 --------- d-----w c:\documents and settings\Abria Laél\Application Data\HTConsulting
2008-11-05 14:19 --------- d-----w c:\program files\NoteFrog
2008-11-04 14:58 --------- d-----w c:\documents and settings\Abria Laél\Application Data\Beyond Sync
2008-11-04 14:55 --------- d-----w c:\program files\Beyond Sync
2008-11-04 14:40 --------- d-----w c:\documents and settings\Abria Laél\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-11-03 18:21 --------- d-----w c:\program files\WinUtilities
2008-11-03 13:06 --------- d-----w c:\program files\CaptureIt
2008-11-01 20:59 --------- d-----w c:\documents and settings\NetworkService\Application Data\agi
2008-11-01 16:01 --------- d-----w c:\program files\Desksware
2008-10-31 16:42 --------- d-----w c:\program files\Common Files\Adobe AIR
2008-10-31 16:41 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-31 16:40 --------- d-----w c:\documents and settings\All Users\Application Data\NOS
2008-10-31 16:35 --------- d-----w c:\program files\NOS
2008-10-31 12:44 --------- d-----w c:\program files\Smart CD Catalog PRO
2008-10-30 05:31 --------- d-----w c:\program files\Rosetta
2008-10-30 04:50 --------- d-----w c:\program files\Ax3soft
2008-10-28 09:50 --------- d-----w c:\program files\Reminder Commander
2008-10-27 12:10 --------- d-----w c:\documents and settings\All Users\Application Data\Watermark Factory
2008-10-27 12:09 --------- d-----w c:\program files\Watermark Factory 2
2008-10-26 18:08 --------- d-----w c:\documents and settings\All Users\Application Data\agi
2008-10-26 18:07 --------- d-----w c:\program files\AGI
2008-10-26 17:33 --------- d-----w c:\documents and settings\Abria Laél\Application Data\cerasus.media
2008-10-25 14:55 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-10-25 14:53 --------- d-----w c:\program files\Give Away of the day
2008-10-24 15:45 --------- d-----w c:\program files\MagicScore Music Software
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 03:07 --------- d-----w c:\program files\The French Tutorial Personal Edition
2008-10-22 21:18 60,744 ----a-w c:\documents and settings\Abria Laél\g2mdlhlpx.exe
2008-10-22 21:18 60,744 ----a-w c:\documents and settings\Abria Laél\g2mdlhlpx.exe
2008-10-15 20:05 47,360 ----a-w c:\documents and settings\Abria Laél\Application Data\pcouffin.sys
2008-10-04 16:19 385,024 ----a-w c:\windows\_MWOLTB.DLL
2008-09-22 14:17 303 ----a-w c:\documents and settings\All Users\License.dat
2008-09-13 05:30 947 ----a-w c:\program files\OneNote 2007 Screen Clipper and Launcher.lnk
1998-06-20 04:00 286,720 ----a-w c:\program files\SETUP1.EXE
2008-06-17 13:26 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008061720080618\index.dat
.
((((((((((((((((((((((((((((( snapshot@2008-12-24_ 9.53.53.84 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 07:24:28 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 07:24:28 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 07:24:28 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:37:59 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 07:24:28 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 07:24:28 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 07:24:29 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 07:24:29 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 07:24:30 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-26 07:24:30 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 07:24:30 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 07:24:30 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 07:24:30 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-08-27 08:24:32 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
- 2008-11-13 15:58:12 20,240 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-24 18:09:18 20,240 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-11-13 15:58:11 184,080 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-12-24 18:09:18 184,080 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
- 2008-11-13 15:58:12 217,864 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2008-12-24 18:09:18 217,864 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2008-11-13 15:58:12 18,704 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-12-24 18:09:18 18,704 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-11-13 15:58:12 35,088 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-12-24 18:09:18 35,088 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-11-13 15:58:12 922,384 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-12-24 18:09:18 922,384 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
- 2008-11-13 15:58:12 888,080 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-12-24 18:09:18 888,080 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-11-13 15:58:11 1,172,240 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-24 18:09:18 1,172,240 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:38:34 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-12-24 14:12:26 32,768 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-12-24 18:24:41 32,768 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-12-24 14:12:26 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-24 18:24:41 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-12-24 14:12:26 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-24 18:24:41 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-08-26 07:24:28 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:38:34 124,928 ------w c:\windows\system32\dllcache\advpack.dll
- 2008-08-26 07:24:28 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:38:34 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 07:24:28 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:38:34 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 07:24:28 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:38:35 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-23 12:36:14 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
- 2008-08-26 07:24:28 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:38:35 63,488 ------w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:37:59 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:11:09 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 07:24:28 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:38:35 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:24:28 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:38:35 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
- 2008-08-26 07:24:28 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:38:35 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 07:24:29 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:38:35 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:41:15 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:38:37 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 07:24:29 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:38:37 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:24:29 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:38:37 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-25 08:38:00 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
- 2008-08-23 05:56:15 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
- 2008-08-26 07:24:30 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:38:37 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-19 00:03:58 100,864 ----a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 06:09:22 100,864 ----a-w c:\windows\system32\dllcache\logagent.exe
- 2008-08-26 07:24:30 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:38:37 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 07:24:30 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:38:37 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-27 08:24:32 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-13 06:40:02 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-26 07:24:30 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:38:38 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 07:24:30 193,024 ------w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:38:38 193,024 ------w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 07:24:30 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:38:39 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 07:24:30 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:38:39 102,912 ------w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 07:24:30 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:38:39 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
- 2008-08-26 07:24:30 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:38:39 105,984 ------w c:\windows\system32\dllcache\url.dll
- 2008-08-26 07:24:31 1,159,680 ------w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:38:39 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 07:24:31 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:38:39 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:24:31 826,368 ------w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:38:40 826,368 ------w c:\windows\system32\dllcache\wininet.dll
- 2006-10-19 01:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 10:03:08 938,496 ----a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-19 01:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 10:03:14 2,458,112 ----a-w c:\windows\system32\dllcache\WMVCore.dll
- 2008-08-26 07:24:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:38:34 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 07:24:28 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:38:34 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 07:24:28 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:38:35 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-04-14 00:11:54 285,184 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\system32\gdi32.dll
- 2008-08-26 07:24:28 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:38:35 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 08:37:59 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:11:09 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 07:24:28 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:38:35 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 07:24:28 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:38:35 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-08-26 07:24:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:38:35 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 07:24:29 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:38:35 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:41:15 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:38:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 07:24:29 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:38:37 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 07:24:29 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:38:37 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-08-26 07:24:30 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:38:37 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2006-10-19 00:03:58 100,864 -c--a-w c:\windows\system32\logagent.exe
+ 2008-06-18 06:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
+ 2008-12-09 23:24:37 17,593,280 ----a-w c:\windows\system32\MRT.exe
- 2008-08-26 07:24:30 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:38:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 07:24:30 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:38:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-08-27 08:24:32 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:40:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 07:24:30 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:38:38 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-26 07:24:30 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:38:38 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 07:24:30 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:38:39 671,232 ----a-w c:\windows\system32\mstime.dll
- 2008-08-26 07:24:30 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:38:39 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-08-26 07:24:30 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:38:39 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2008-07-08 13:02:01 17,272 ----a-w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll
- 2008-04-14 00:12:07 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-07-11 12:42:28 62,976 ----a-w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\system32\tzchange.exe
- 2008-08-26 07:24:30 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:38:39 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 07:24:31 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:38:39 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-26 07:24:31 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:38:39 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-08-26 07:24:31 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:38:40 826,368 ----a-w c:\windows\system32\wininet.dll
- 2006-10-19 01:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 10:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-19 01:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 10:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-CEC4-75A487FD6484}]
2007-10-02 15:31 1909248 --a------ c:\progra~1\mypoints\mypoints.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
2008-07-28 05:46 160496 --a------ c:\program files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-CEC4-75A487FD6484}"= "c:\progra~1\mypoints\mypoints.dll" [2007-10-02 1909248]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A057A204-BACC-4D26-CEC4-75A487FD6484}"= "c:\progra~1\mypoints\mypoints.dll" [2007-10-02 1909248]
[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-cec4-75a487fd6484}]
[HKEY_CLASSES_ROOT\mypoints.MYPOINTS]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-09-19 4347120]
"HomeAlarm"="c:\program files\Chameleon Clock\ChamClock.exe" [2007-12-10 709632]
"AnVir Task Manager"="c:\program files\AnVir Task Manager\AnVir.exe" [2008-11-30 2733280]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"DNS7reminder"="c:\program files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" [2007-04-16 259624]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-08-26 185896]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"MBkLogOnHook"="c:\program files\McAfee\MBK\LogOnHook.exe" [2007-01-08 20480]
c:\documents and settings\Abria Laél\Start Menu\Programs\Startup\
Dragon NaturallySpeaking.lnk - c:\program files\Nuance\NaturallySpeaking10\Program\natspeak.exe [2008-09-11 2815336]
Startup Defender.lnk - c:\program files\Zards software\Startup Defender\Startup Defender.exe [2008-07-06 1052160]
visiondefense.lnk - c:\program files\Vision Defense\Vision Defense.exe [2008-09-11 11954890]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-03-18 4742184]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{1214FBE7-4464-4A7E-9958-B5851A7A30A3}"= "c:\program files\Conceptworld\RecentX\RXShell.dll" [2008-06-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2005-07-25 13:41 40960 c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
"MSVideo"= CSvidcap.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli AsWlnPkg
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^eBay Countdown.url]
backup=c:\windows\pss\eBay Countdown.urlCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CapTrue]
--a------ 2008-09-05 11:55 673280 c:\program files\CapTrue\captrue.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zweitgeist Assistant]
--a------ 2008-09-03 20:53 192512 c:\program files\weblin\weblinAssistant.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\WINDOWS\\SMINST\\Scheduler.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Widgets\\YahooWidgets.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"c:\\Program Files\\Nuance\\NaturallySpeaking10\\Program\\datacollector.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 HFCore;HFCore;\??\c:\windows\system32\drivers\HFCore.sys [2006-05-30 18816]
R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\DRIVERS\StarPortLite.sys [2008-10-25 93544]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2004-08-04 14336]
R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [2008-12-16 2560]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-10-31 33752]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d008cd74-6d66-11dd-8530-0019d246ccff}]
\Shell\AutoRun\command - F:\ClearPlayEasyUpdates.exe
.
Contents of the 'Scheduled Tasks' folder
2008-12-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2008-12-23 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]
2008-12-23 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]
2008-12-24 c:\windows\Tasks\NatSpeak Periodic Acoustic Optimization.job
- c:\program files\Nuance\NaturallySpeaking10\Program\schedmgr.exe [2008-09-11 04:51]
2008-12-24 c:\windows\Tasks\NatSpeak Periodic Data Collection.job
- c:\program files\Nuance\NaturallySpeaking10\Program\datacollector.exe [2008-09-11 04:51]
2008-12-24 c:\windows\Tasks\NatSpeak Periodic Language Model Optimization.job
- c:\program files\Nuance\NaturallySpeaking10\Program\schedmgr.exe [2008-09-11 04:51]
2008-12-23 c:\windows\Tasks\rpc.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.careerstep.com/
uInternet Settings,ProxyOverride = *.local
IE: &Search - ?p=ZJman000
IE: >Search in Linkman - file://c:\documents and settings\Abria Laél\My Documents\Linkman\iescript_search.htm
IE: Add to Linkman - file://c:\documents and settings\Abria Laél\My Documents\Linkman\iescript_add.htm
IE: Add to Linkman and Edit - file://c:\documents and settings\Abria Laél\My Documents\Linkman\iescript_edit.htm
IE: Add to Power Favorites - c:\program files\Desksware\Power Favorites\copyurl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: MWOL &Dictionary - c:\windows\_MWOLTB.DLL/23/219
IE: MWOL &Thesaurus - c:\windows\_MWOLTB.DLL/23/220
IE: Show Linkman - file://c:\documents and settings\Abria Laél\My Documents\Linkman\iescript_show.htm
c:\windows\Downloaded Program Files\CONFLICT.1\Microsoft.OfficeLive.Workspace.RichUpload.dll - O16 -: {07246F83-6D48-4559-81EC-117CBAE54F1B}
hxxp://workspace.office.live.com/Misc/M ... Upload.cab
c:\windows\Downloaded Program Files\CONFLICT.1\Microsoft.OfficeLive.Workspace.RichUpload.inf
c:\windows\Downloaded Program Files\mwolinstaller.dll - O16 -: {3CF32649-D1C0-4F42-AB44-ED284748920B}
hxxp://www.merriam-webster.com/download ... nstall.cab
c:\windows\Downloaded Program Files\mwoltb.inf
c:\windows\Downloaded Program Files\PIEHid.dll - c:\windows\Downloaded Program Files\footpedal.dll
O16 -: {BEB82CC6-09F3-43EA-BEB1-97188E21035D}
hxxp://shared.careerstep.com/footpedal.cab
c:\windows\Downloaded Program Files\footpedal.inf
c:\windows\Downloaded Program Files\Microsoft.OfficeLive.Workspace.RichUpload.dll - O16 -: {EE884C7D-21A0-49EA-B6F2-61ACF4E226F6}
hxxp://workspace.office.live.com/Misc/M ... Upload.cab
c:\windows\Downloaded Program Files\Microsoft.OfficeLive.Workspace.RichUpload.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-24 14:58:11
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(908)
c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
c:\program files\HPQ\IAM\Bin\ASChnl.dll
c:\program files\HPQ\IAM\Bin\ItMsg.dll
- - - - - - - > 'lsass.exe'(964)
c:\program files\HPQ\IAM\bin\AsWlnPkg.dll
- - - - - - - > 'Explorer.EXE'(3256)
c:\program files\HPQ\IAM\Bin\SFSShell.dll
c:\program files\HPQ\IAM\bin\ItMsg.dll
c:\docume~1\ABRIAL~1\LOCALS~1\Temp\catchme.dll
c:\program files\Conceptworld\RecentX\RxResEnu.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll
c:\program files\Chameleon Clock\trayclock.dll
c:\program files\AnVir Task Manager\AnvirHook54.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\dllhost.exe
c:\windows\system32\msdtc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\McAfee\MBK\MBackMonitor.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\progra~1\COMMON~1\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\program files\McAfee\VirusScan\Mcshield.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\windows\system32\mqsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\mqtgsvc.exe
c:\program files\HPQ\IAM\Bin\asghost.exe
c:\progra~1\McAfee.com\Agent\mcagent.exe
c:\combofix\hidec.exe
c:\program files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInputUa.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
c:\windows\system32\drwtsn32.exe
c:\windows\system32\drwtsn32.exe
c:\progra~1\McAfee\MSC\mcuimgr.exe
c:\windows\system32\taskmgr.exe
c:\program files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInput.exe
c:\combofix\Catchme.tmp
.
**************************************************************************
.
Completion time: 2008-12-24 15:04:43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-24 20:03:25
ComboFix2.txt 2008-12-24 14:54:36
Pre-Run: 4,267,642,880 bytes free
Post-Run: 4,308,758,528 bytes free
694 --- E O F --- 2008-12-24 18:09:21
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:20:27 PM, on 12.24.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInputUa.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Nuance\NaturallySpeaking10\Program\natspeak.exe
C:\Program Files\Zards software\Startup Defender\Startup Defender.exe
C:\Program Files\Vision Defense\Vision Defense.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInput.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Trend Micro\HijackThis\wordgirl.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.careerstep.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Merriam-Webster Online BHO - {5ADA9CAC-04F9-4DD2-ABFD-74D673BE8624} - C:\WINDOWS\_MWOLTB.DLL
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
O2 - BHO: (no name) - {DC5F9604-C6E2-47D0-8E0F-E60FCCB334C7} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: MYPOINTS - {A057A204-BACC-4D26-CEC4-75A487FD6484} - C:\PROGRA~1\mypoints\mypoints.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Merriam-Webster Online - {B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - C:\WINDOWS\_MWOLTB.DLL
O3 - Toolbar: &Linkman - {5C9DCA26-CEC4-4280-A831-D622D4DBF113} - C:\PROGRA~1\Linkman\LINKMA~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking10\Ereg.ini
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - HKCU\..\Run: [AnVir Task Manager] "C:\Program Files\AnVir Task Manager\AnVir.exe" Minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Consumer Input Rewarded with MyPoints, Consumer Input Update] C:\Program Files\Consumer Input Rewarded with MyPoints, Consumer Input\ConsumerInputRewardedwithMyPoints,ConsumerInputUa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking10\Program\natspeak.exe
O4 - Startup: Startup Defender.lnk = C:\Program Files\Zards software\Startup Defender\Startup Defender.exe
O4 - Startup: visiondefense.lnk = C:\Program Files\Vision Defense\Vision Defense.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: &Search - ?p=ZJman000
O8 - Extra context menu item: >Search in Linkman - file://C:\Documents and Settings\Abria Laél\My Documents\Linkman\iescript_search.htm
O8 - Extra context menu item: Add to Linkman - file://C:\Documents and Settings\Abria Laél\My Documents\Linkman\iescript_add.htm
O8 - Extra context menu item: Add to Linkman and Edit - file://C:\Documents and Settings\Abria Laél\My Documents\Linkman\iescript_edit.htm
O8 - Extra context menu item: Add to Power Favorites - C:\Program Files\Desksware\Power Favorites\copyurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: MWOL &Dictionary - res://C:\WINDOWS\_MWOLTB.DLL/23/219
O8 - Extra context menu item: MWOL &Thesaurus - res://C:\WINDOWS\_MWOLTB.DLL/23/220
O8 - Extra context menu item: Show Linkman - file://C:\Documents and Settings\Abria Laél\My Documents\Linkman\iescript_show.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {07246F83-6D48-4559-81EC-117CBAE54F1B} (Microsoft Office Live Workspace Upload Tool) - http://workspace.office.live.com/Misc/M ... Upload.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3CF32649-D1C0-4F42-AB44-ED284748920B} (Merriam-Webster Online Toolbar) - http://www.merriam-webster.com/download ... nstall.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3707172546
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {BEB82CC6-09F3-43EA-BEB1-97188E21035D} (FootPedalCtl Class) - http://shared.careerstep.com/footpedal.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://disney.webex.com/client/v_myweb ... eatgpc.cab
O16 - DPF: {EE884C7D-21A0-49EA-B6F2-61ACF4E226F6} (Microsoft Office Live Workspace Upload Tool) - http://workspace.office.live.com/Misc/M ... Upload.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://cvs.pnimedia.com/upload/activex/ ... 0.0.11.cab?
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 14330 bytes