I was unable to get ESET to run a scan. After selecting "Install" in answer to the warning, "Publisher could not be verified. Are you sure you want to install this software?", a new box (empty) on the page with a red X in the upper left corner quickly appeared -- followed by nothing. Otherwise, the computer is performing well. Web searches now yield legitimate returns (thank you!). Below you'll find the ComboFix log followed by another HijackThis log.
ComboFix 09-02-08.02 - HP_Owner 2009-02-12 4:09:17.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.168 [GMT -5:00]
Running from: c:\documents and settings\HP_Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\HP_Owner\Desktop\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2009-01-12 to 2009-02-12 )))))))))))))))))))))))))))))))
.
2220-12-13 19:07 . 2220-12-13 19:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2220-12-13 19:06 . 2220-12-13 19:06 <DIR> d-------- c:\program files\Yahoo!
2009-01-28 18:13 . 2009-01-28 18:13 <DIR> d-------- c:\program files\Trend Micro
2009-01-27 01:32 . 2009-01-27 01:32 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-27 01:32 . 2009-01-27 01:32 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Malwarebytes
2009-01-27 01:32 . 2009-01-27 01:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-27 01:32 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-27 01:32 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-26 22:47 . 2009-01-18 16:35 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-01-26 22:34 . 2009-01-18 16:30 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-01-26 22:33 . 2009-01-26 22:33 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-26 22:32 . 2009-01-26 22:32 <DIR> d-------- c:\program files\Lavasoft
2009-01-26 22:32 . 2009-01-26 22:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-12 09:06 --------- d-----w c:\documents and settings\HP_Owner\Application Data\HPAppData
2009-02-12 08:56 3,645 ----a-w c:\windows\viassary-hp.reg
2009-02-12 08:56 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-12 08:54 63,320 ----a-w c:\documents and settings\HP_Owner\Application Data\wklnhst.dat
2008-12-20 23:15 826,368 ----a-w c:\windows\system32\wininet.dll
2008-09-12 18:39 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008091220080913\index.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-02-10_ 3.57.39.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-16 20:38:34 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll
+ 2008-10-16 20:38:34 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
+ 2008-10-16 20:38:34 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
+ 2008-10-16 20:38:35 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
+ 2008-10-16 20:38:35 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll
+ 2008-10-16 13:11:09 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
+ 2008-10-16 20:38:35 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
+ 2008-10-16 20:38:35 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
+ 2008-10-16 20:38:35 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
+ 2008-10-16 20:38:35 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
+ 2008-10-16 20:38:37 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
+ 2008-10-16 20:38:37 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
+ 2008-10-16 20:38:37 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
+ 2008-10-16 20:38:37 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
+ 2008-10-16 20:38:37 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
+ 2008-10-16 20:38:37 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
+ 2008-12-13 06:40:02 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
+ 2008-10-16 20:38:38 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
+ 2008-10-16 20:38:38 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll
+ 2008-10-16 20:38:39 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll
+ 2008-10-16 20:38:39 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll
+ 2008-10-16 20:38:39 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
+ 2008-10-16 20:38:39 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll
+ 2008-10-16 20:38:39 1,160,192 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
+ 2008-10-16 20:38:39 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
+ 2008-10-16 20:38:40 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll
- 2009-01-14 08:05:07 12,288 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-02-12 08:51:34 12,288 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-01-14 08:05:07 135,168 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-02-12 08:51:34 135,168 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-01-14 08:05:07 11,264 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-02-12 08:51:34 11,264 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-01-14 08:05:07 27,136 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-02-12 08:51:34 27,136 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-01-14 08:05:07 4,096 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-02-12 08:51:34 4,096 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-01-14 08:05:07 794,624 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-02-12 08:51:34 794,624 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-01-14 08:05:07 249,856 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-02-12 08:51:34 249,856 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-01-14 08:05:07 23,040 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-02-12 08:51:34 23,040 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-01-14 08:05:07 286,720 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-02-12 08:51:34 286,720 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-01-14 08:05:07 409,600 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-02-12 08:51:34 409,600 ----a-r c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-10-16 20:38:34 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-12-20 23:15:11 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-10-16 20:38:34 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-12-20 23:15:11 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
- 2008-10-16 20:38:34 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-10-16 20:38:34 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-10-16 20:38:35 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-12-20 23:15:13 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-10-16 20:38:35 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-12-20 23:15:13 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-10-16 13:11:09 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-10-16 20:38:35 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-10-16 20:38:35 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-10-15 07:04:53 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-12-19 05:23:56 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2008-10-16 20:38:35 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-12-20 23:15:15 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-10-16 20:38:35 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-16 20:38:37 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-12-20 23:15:21 6,066,688 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-10-16 20:38:37 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-12-20 23:15:21 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-10-16 20:38:37 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-12-20 23:15:22 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-10-15 07:06:26 633,632 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-12-19 05:25:25 634,024 -c--a-w c:\windows\system32\dllcache\iexplore.exe
- 2008-10-16 20:38:37 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
- 2008-10-16 20:38:37 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-20 23:15:23 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-10-16 20:38:37 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-12-13 06:40:02 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-17 02:35:14 3,594,752 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-10-16 20:38:38 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-10-16 20:38:38 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-12-20 23:15:31 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2008-10-16 20:38:39 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-12-20 23:15:32 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2008-10-16 20:38:39 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2008-12-20 23:15:38 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
- 2008-10-16 20:38:39 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-10-16 20:38:39 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2008-12-20 23:15:39 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
- 2008-10-16 20:38:39 1,160,192 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-10-16 20:38:39 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-20 23:15:40 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-10-16 20:38:40 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-12-20 23:15:41 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2008-10-16 20:38:34 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-10-16 20:38:34 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-10-16 20:38:35 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-10-16 20:38:35 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-12-20 23:15:13 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-10-16 13:11:09 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-10-16 20:38:35 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-10-16 20:38:35 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-10-16 20:38:35 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-12-20 23:15:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-10-16 20:38:35 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-16 20:38:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-12-20 23:15:21 6,066,688 ----a-w c:\windows\system32\ieframe.dll
- 2008-10-16 20:38:37 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-12-20 23:15:21 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-10-16 20:38:37 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-12-20 23:15:22 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-10-16 20:38:37 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2009-01-10 01:35:28 20,853,704 ----a-w c:\windows\system32\MRT.exe
+ 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe
- 2008-10-16 20:38:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-12-20 23:15:23 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-10-16 20:38:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-12-13 06:40:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-17 02:35:14 3,594,752 ----a-w c:\windows\system32\mshtml.dll
- 2008-10-16 20:38:38 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-10-16 20:38:38 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-12-20 23:15:31 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-10-16 20:38:39 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-12-20 23:15:32 671,232 ----a-w c:\windows\system32\mstime.dll
- 2008-10-16 20:38:39 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-12-20 23:15:38 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-10-16 20:38:39 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll
+ 2008-07-09 07:38:24 17,272 ------w c:\windows\system32\spmsg.dll
- 2008-10-16 20:38:39 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-12-20 23:15:39 105,984 ----a-w c:\windows\system32\url.dll
- 2008-10-16 20:38:39 1,160,192 ----a-w c:\windows\system32\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-10-16 20:38:39 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ----a-w c:\windows\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2005-07-08 17675304]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-21 118784]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-10-21 180269]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-06-04 286720]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"PS2"="c:\windows\system32\ps2.exe" [2002-10-16 81920]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-10 368706]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2002-04-12 1536000]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-10-21 98304]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-09-16 52848]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-02-09 509784]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 c:\windows\AGRSMMSG.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-04-06 c:\windows\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-04-06 c:\windows\ALCWZRD.EXE]
c:\documents and settings\HP_Owner\Start Menu\Programs\Startup\
HP Organize.lnk - c:\program files\Hewlett-Packard\HP Organize\bin\displayAgent.exe [2004-10-21 36864]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-04-15 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
LaunchU3.exe.lnk - c:\windows\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_2cd672ae.exe [2007-06-22 1078]
Updates from HP.lnk - c:\program files\Updates from HP\309731\Program\Updates from HP.exe [2004-10-21 45056]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Support.com\\bin\\tgcmd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"44892:TCP"= 44892:TCP:PORT_44892
"7785:TCP"= 7785:TCP:PORT_7785
"54760:TCP"= 54760:TCP:PORT_54760
"43208:TCP"= 43208:TCP:PORT_43208
"50705:TCP"= 50705:TCP:PORT_50705
"58758:TCP"= 58758:TCP:PORT_58758
"5726:TCP"= 5726:TCP:PORT_5726
"47500:TCP"= 47500:TCP:PORT_47500
"8121:TCP"= 8121:TCP:PORT_8121
"20676:TCP"= 20676:TCP:PORT_20676
"37642:TCP"= 37642:TCP:PORT_37642
"12795:TCP"= 12795:TCP:PORT_12795
"19195:TCP"= 19195:TCP:PORT_19195
"49019:TCP"= 49019:TCP:PORT_49019
"30871:TCP"= 30871:TCP:PORT_30871
"23254:TCP"= 23254:TCP:PORT_23254
"15938:TCP"= 15938:TCP:PORT_15938
"18332:TCP"= 18332:TCP:PORT_18332
"61633:TCP"= 61633:TCP:PORT_61633
"56879:TCP"= 56879:TCP:PORT_56879
"56961:TCP"= 56961:TCP:PORT_56961
"45485:TCP"= 45485:TCP:PORT_45485
"40797:TCP"= 40797:TCP:PORT_40797
"15816:TCP"= 15816:TCP:PORT_15816
"56719:TCP"= 56719:TCP:PORT_56719
"63648:TCP"= 63648:TCP:PORT_63648
"45954:TCP"= 45954:TCP:PORT_45954
"55836:TCP"= 55836:TCP:PORT_55836
"50758:TCP"= 50758:TCP:PORT_50758
"43645:TCP"= 43645:TCP:PORT_43645
"13863:TCP"= 13863:TCP:PORT_13863
"23906:TCP"= 23906:TCP:PORT_23906
"5760:TCP"= 5760:TCP:PORT_5760
"26000:TCP"= 26000:TCP:PORT_26000
"41363:TCP"= 41363:TCP:PORT_41363
"6926:TCP"= 6926:TCP:PORT_6926
"9316:TCP"= 9316:TCP:PORT_9316
"55680:TCP"= 55680:TCP:PORT_55680
"61557:TCP"= 61557:TCP:PORT_61557
"22180:TCP"= 22180:TCP:PORT_22180
"37160:TCP"= 37160:TCP:PORT_37160
"30391:TCP"= 30391:TCP:PORT_30391
"34356:TCP"= 34356:TCP:PORT_34356
"50196:TCP"= 50196:TCP:PORT_50196
"41752:TCP"= 41752:TCP:PORT_41752
"17738:TCP"= 17738:TCP:PORT_17738
"55213:TCP"= 55213:TCP:PORT_55213
"65320:TCP"= 65320:TCP:PORT_65320
"16040:TCP"= 16040:TCP:PORT_16040
"18266:TCP"= 18266:TCP:PORT_18266
"63215:TCP"= 63215:TCP:PORT_63215
"12755:TCP"= 12755:TCP:PORT_12755
"12441:TCP"= 12441:TCP:PORT_12441
"18770:TCP"= 18770:TCP:PORT_18770
"42724:TCP"= 42724:TCP:PORT_42724
"54410:TCP"= 54410:TCP:PORT_54410
"6982:TCP"= 6982:TCP:PORT_6982
"55720:TCP"= 55720:TCP:PORT_55720
"64885:TCP"= 64885:TCP:PORT_64885
"25008:TCP"= 25008:TCP:PORT_25008
"6141:TCP"= 6141:TCP:PORT_6141
"30247:TCP"= 30247:TCP:PORT_30247
"56391:TCP"= 56391:TCP:PORT_56391
"24422:TCP"= 24422:TCP:PORT_24422
"36004:TCP"= 36004:TCP:PORT_36004
"19875:TCP"= 19875:TCP:PORT_19875
"46060:TCP"= 46060:TCP:PORT_46060
"21716:TCP"= 21716:TCP:PORT_21716
"41524:TCP"= 41524:TCP:PORT_41524
"18885:TCP"= 18885:TCP:PORT_18885
"18848:TCP"= 18848:TCP:PORT_18848
"13106:TCP"= 13106:TCP:PORT_13106
"35073:TCP"= 35073:TCP:PORT_35073
"27810:TCP"= 27810:TCP:PORT_27810
"38329:TCP"= 38329:TCP:PORT_38329
"24070:TCP"= 24070:TCP:PORT_24070
"23220:TCP"= 23220:TCP:PORT_23220
"50141:TCP"= 50141:TCP:PORT_50141
"36050:TCP"= 36050:TCP:PORT_36050
"23727:TCP"= 23727:TCP:PORT_23727
"54086:TCP"= 54086:TCP:PORT_54086
"41316:TCP"= 41316:TCP:PORT_41316
"60266:TCP"= 60266:TCP:PORT_60266
"54586:TCP"= 54586:TCP:PORT_54586
"36582:TCP"= 36582:TCP:PORT_36582
"42326:TCP"= 42326:TCP:PORT_42326
"23045:TCP"= 23045:TCP:PORT_23045
"46563:TCP"= 46563:TCP:PORT_46563
"11000:TCP"= 11000:TCP:PORT_11000
"64570:TCP"= 64570:TCP:PORT_64570
"44473:TCP"= 44473:TCP:PORT_44473
"5004:TCP"= 5004:TCP:PORT_5004
"56383:TCP"= 56383:TCP:PORT_56383
"37785:TCP"= 37785:TCP:PORT_37785
"27594:TCP"= 27594:TCP:PORT_27594
"53825:TCP"= 53825:TCP:PORT_53825
"62933:TCP"= 62933:TCP:PORT_62933
"43351:TCP"= 43351:TCP:PORT_43351
"59242:TCP"= 59242:TCP:PORT_59242
"26379:TCP"= 26379:TCP:PORT_26379
"52242:TCP"= 52242:TCP:PORT_52242
"46907:TCP"= 46907:TCP:PORT_46907
"35326:TCP"= 35326:TCP:PORT_35326
"10535:TCP"= 10535:TCP:PORT_10535
"9063:TCP"= 9063:TCP:PORT_9063
"44851:TCP"= 44851:TCP:PORT_44851
"52070:TCP"= 52070:TCP:PORT_52070
"61211:TCP"= 61211:TCP:PORT_61211
"40645:TCP"= 40645:TCP:PORT_40645
"50523:TCP"= 50523:TCP:PORT_50523
"27082:TCP"= 27082:TCP:PORT_27082
"8352:TCP"= 8352:TCP:PORT_8352
"52207:TCP"= 52207:TCP:PORT_52207
"20613:TCP"= 20613:TCP:PORT_20613
"21985:TCP"= 21985:TCP:PORT_21985
"6575:TCP"= 6575:TCP:PORT_6575
"35482:TCP"= 35482:TCP:PORT_35482
"36832:TCP"= 36832:TCP:PORT_36832
"56086:TCP"= 56086:TCP:PORT_56086
"41164:TCP"= 41164:TCP:PORT_41164
"40504:TCP"= 40504:TCP:PORT_40504
"43223:TCP"= 43223:TCP:PORT_43223
"20629:TCP"= 20629:TCP:PORT_20629
"41008:TCP"= 41008:TCP:PORT_41008
"24887:TCP"= 24887:TCP:PORT_24887
"40164:TCP"= 40164:TCP:PORT_40164
"38383:TCP"= 38383:TCP:PORT_38383
"20533:TCP"= 20533:TCP:PORT_20533
"59716:TCP"= 59716:TCP:PORT_59716
"21606:TCP"= 21606:TCP:PORT_21606
"56570:TCP"= 56570:TCP:PORT_56570
"57819:TCP"= 57819:TCP:PORT_57819
"10235:TCP"= 10235:TCP:PORT_10235
"6473:TCP"= 6473:TCP:PORT_6473
"55728:TCP"= 55728:TCP:PORT_55728
"33841:TCP"= 33841:TCP:PORT_33841
"43301:TCP"= 43301:TCP:PORT_43301
"47320:TCP"= 47320:TCP:PORT_47320
"32352:TCP"= 32352:TCP:PORT_32352
"30591:TCP"= 30591:TCP:PORT_30591
"22844:TCP"= 22844:TCP:PORT_22844
"17754:TCP"= 17754:TCP:PORT_17754
"61605:TCP"= 61605:TCP:PORT_61605
"29066:TCP"= 29066:TCP:PORT_29066
"53930:TCP"= 53930:TCP:PORT_53930
"30455:TCP"= 30455:TCP:PORT_30455
"26665:TCP"= 26665:TCP:PORT_26665
"48430:TCP"= 48430:TCP:PORT_48430
"44008:TCP"= 44008:TCP:PORT_44008
"60238:TCP"= 60238:TCP:PORT_60238
"27488:TCP"= 27488:TCP:PORT_27488
"49649:TCP"= 49649:TCP:PORT_49649
"34165:TCP"= 34165:TCP:PORT_34165
"16466:TCP"= 16466:TCP:PORT_16466
"29548:TCP"= 29548:TCP:PORT_29548
"51148:TCP"= 51148:TCP:PORT_51148
"57523:TCP"= 57523:TCP:PORT_57523
"37423:TCP"= 37423:TCP:PORT_37423
"34853:TCP"= 34853:TCP:PORT_34853
"24216:TCP"= 24216:TCP:PORT_24216
"16743:TCP"= 16743:TCP:PORT_16743
"62973:TCP"= 62973:TCP:PORT_62973
"33919:TCP"= 33919:TCP:PORT_33919
"19461:TCP"= 19461:TCP:PORT_19461
"48415:TCP"= 48415:TCP:PORT_48415
"21805:TCP"= 21805:TCP:PORT_21805
"61848:TCP"= 61848:TCP:PORT_61848
"5681:TCP"= 5681:TCP:PORT_5681
"60450:TCP"= 60450:TCP:PORT_60450
"56992:TCP"= 56992:TCP:PORT_56992
"45716:TCP"= 45716:TCP:PORT_45716
"28670:TCP"= 28670:TCP:PORT_28670
"36903:TCP"= 36903:TCP:PORT_36903
"45482:TCP"= 45482:TCP:PORT_45482
"9766:TCP"= 9766:TCP:PORT_9766
"47785:TCP"= 47785:TCP:PORT_47785
"26766:TCP"= 26766:TCP:PORT_26766
"61770:TCP"= 61770:TCP:PORT_61770
"6285:TCP"= 6285:TCP:PORT_6285
"47226:TCP"= 47226:TCP:PORT_47226
"17850:TCP"= 17850:TCP:PORT_17850
"14703:TCP"= 14703:TCP:PORT_14703
"12379:TCP"= 12379:TCP:PORT_12379
"42395:TCP"= 42395:TCP:PORT_42395
"11328:TCP"= 11328:TCP:PORT_11328
"30598:TCP"= 30598:TCP:PORT_30598
"13270:TCP"= 13270:TCP:PORT_13270
"38219:TCP"= 38219:TCP:PORT_38219
"23926:TCP"= 23926:TCP:PORT_23926
"32000:TCP"= 32000:TCP:PORT_32000
"56867:TCP"= 56867:TCP:PORT_56867
"65477:TCP"= 65477:TCP:PORT_65477
"40129:TCP"= 40129:TCP:PORT_40129
"30969:TCP"= 30969:TCP:PORT_30969
"58164:TCP"= 58164:TCP:PORT_58164
"51672:TCP"= 51672:TCP:PORT_51672
"27551:TCP"= 27551:TCP:PORT_27551
"25844:TCP"= 25844:TCP:PORT_25844
"22918:TCP"= 22918:TCP:PORT_22918
"62000:TCP"= 62000:TCP:PORT_62000
"12363:TCP"= 12363:TCP:PORT_12363
"31379:TCP"= 31379:TCP:PORT_31379
"51360:TCP"= 51360:TCP:PORT_51360
"60600:TCP"= 60600:TCP:PORT_60600
"60633:TCP"= 60633:TCP:PORT_60633
"50516:TCP"= 50516:TCP:PORT_50516
"34747:TCP"= 34747:TCP:PORT_34747
"60648:TCP"= 60648:TCP:PORT_60648
"55848:TCP"= 55848:TCP:PORT_55848
"22430:TCP"= 22430:TCP:PORT_22430
"34547:TCP"= 34547:TCP:PORT_34547
"44887:TCP"= 44887:TCP:PORT_44887
"8613:TCP"= 8613:TCP:PORT_8613
"11488:TCP"= 11488:TCP:PORT_11488
"46383:TCP"= 46383:TCP:PORT_46383
"32281:TCP"= 32281:TCP:PORT_32281
"44820:TCP"= 44820:TCP:PORT_44820
"48786:TCP"= 48786:TCP:PORT_48786
"57747:TCP"= 57747:TCP:PORT_57747
"10969:TCP"= 10969:TCP:PORT_10969
"63523:TCP"= 63523:TCP:PORT_63523
"44735:TCP"= 44735:TCP:PORT_44735
"34102:TCP"= 34102:TCP:PORT_34102
"20938:TCP"= 20938:TCP:PORT_20938
"55246:TCP"= 55246:TCP:PORT_55246
"55575:TCP"= 55575:TCP:PORT_55575
"62173:TCP"= 62173:TCP:PORT_62173
"34020:TCP"= 34020:TCP:PORT_34020
"7051:TCP"= 7051:TCP:PORT_7051
"54770:TCP"= 54770:TCP:PORT_54770
"58023:TCP"= 58023:TCP:PORT_58023
"35685:TCP"= 35685:TCP:PORT_35685
"28881:TCP"= 28881:TCP:PORT_28881
"40011:TCP"= 40011:TCP:PORT_40011
"38180:TCP"= 38180:TCP:PORT_38180
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-01-26 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 950096]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-05-09 24652]
S3 epstw2k;SCM Parallel Port SCSI Driver;c:\windows\system32\drivers\epstw2k.sys [2005-01-25 114944]
S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2005-01-25 11520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
2009-02-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-02-09 22:34]
2007-05-17 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-09-09 13:21]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
uInternet Settings,ProxyServer = hxxp://proxy/:8080
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add To HP Organize... - c:\progra~1\HEWLET~1\HPORGA~1\bin/module.main/favorites\ie_add_to.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: microsoft.com \*.update
Trusted Zone: windowsupdate.com
Trusted Zone: windowsupdate.com \download
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-12 04:14:31
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
tgcmd = "c:\program files\Support.com\bin\tgcmd.exe" /server?cmd.exe" /server
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-130975665-589280043-1178334690-1009\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Completion time: 2009-02-12 4:17:10
ComboFix-quarantined-files.txt 2009-02-12 09:16:50
ComboFix2.txt 2009-02-10 08:58:37
Pre-Run: 10,180,710,400 bytes free
Post-Run: 10,246,742,016 bytes free
932 --- E O F --- 2009-02-12 08:53:51
And now the HijackThis log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:32:00 AM, on 2/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\AGRSMMSG.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://charter.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://proxy/:8080
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: HP Organize.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.update.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.com
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1108502796
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9239124796
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/B ... ofupld.cab
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/B ... ofupld.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/ ... 586-jc.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 11804 bytes