ComboFix 09-06-23.01 - Patrik 06/25/2009 9:44.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.625 [GMT -4:00]
Running from: c:\documents and settings\Patrik\Desktop\Toolbars\Orbit Downloader\ComboFix.exe
Command switches used :: c:\documents and settings\Patrik\Desktop\CFScript.txt
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
* Created a new restore point
FILE ::
"c:\docume~1\Bryan\LOCALS~1\Temp\Temporary Directory 1 for Adobe CS4 Keygen.zip\Adobe Photoshop CS4 Keygen.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Patrik\Application Data\uTorrent
c:\documents and settings\Patrik\Application Data\uTorrent\[NDS]Grand_Theft_Auto_Chinatown_Wars[USA][ESPALNDS.com].zip.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\0431 - Metroid Prime Hunters (E) ds.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\12 Barbie Movies - dvdrip xvid.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\Barbie fairytopia mermaidia-david244us.avi.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\Barbie.And.The.Diamond.Castle.2008.DVDRiP.XViD.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\Battlezone II.zip.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\Dark.Reign.2.game.patches.key.dl instructions.and.maps.zip.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\dht.dat
c:\documents and settings\Patrik\Application Data\uTorrent\dht.dat.old
c:\documents and settings\Patrik\Application Data\uTorrent\Fate 2 - Undiscovered Realms.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\One Piece 200 Hentai Pics.rar.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\resume.dat
c:\documents and settings\Patrik\Application Data\uTorrent\resume.dat.old
c:\documents and settings\Patrik\Application Data\uTorrent\rss.dat
c:\documents and settings\Patrik\Application Data\uTorrent\rss.dat.old
c:\documents and settings\Patrik\Application Data\uTorrent\settings.dat
c:\documents and settings\Patrik\Application Data\uTorrent\settings.dat.old
c:\documents and settings\Patrik\Application Data\uTorrent\Spore-RELOADED + crackfix + keygen.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\Star.Trek.Deluxe.Quality.DVDRip.2009.torrent
c:\documents and settings\Patrik\Application Data\uTorrent\utorrent.lng
.
((((((((((((((((((((((((( Files Created from 2009-05-25 to 2009-06-25 )))))))))))))))))))))))))))))))
.
2009-06-25 04:32 . 2009-06-25 04:32 -------- dc----w- c:\windows\system32\dllcache\cache
2009-06-21 00:55 . 2009-06-21 00:55 -------- d-----w- c:\program files\Trend Micro
2009-06-16 21:11 . 2009-06-16 21:11 -------- d-----w- c:\documents and settings\Patrik\Local Settings\Application Data\AIM
2009-06-16 21:11 . 2009-06-16 21:11 -------- d-----w- c:\documents and settings\All Users\Application Data\AIM
2009-06-16 01:47 . 2009-06-16 01:47 -------- d-----w- c:\documents and settings\Patrik\Application Data\DivX
2009-06-15 14:02 . 2009-06-15 14:02 -------- d-----r- c:\documents and settings\Patrik\Application Data\Brother
2009-06-14 21:09 . 2009-06-14 21:09 -------- d-----w- c:\documents and settings\LocalService\Application Data\DivX
2009-06-14 17:05 . 2009-05-01 21:03 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-06-14 17:05 . 2009-05-01 21:03 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-06-14 17:05 . 2009-05-01 21:03 129784 ------w- c:\windows\system32\pxafs.dll
2009-06-14 17:04 . 2009-06-14 17:04 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-14 17:04 . 2009-06-14 17:05 -------- d-----w- c:\program files\DivX
2009-06-10 14:47 . 2009-06-10 14:47 -------- d-----w- c:\documents and settings\Patrik\Application Data\WildTangent
2009-06-10 14:46 . 2009-06-10 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\WildTangent
2009-06-10 14:42 . 2009-06-10 14:46 -------- d-----w- c:\program files\WildGames
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-25 13:32 . 2009-03-28 03:30 -------- d-----w- c:\documents and settings\Patrik\Application Data\Orbit
2009-06-25 04:35 . 2009-03-28 03:30 -------- d-----w- c:\program files\Orbitdownloader
2009-06-25 03:57 . 2009-03-28 05:54 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-21 19:11 . 2009-02-02 00:46 -------- d-----w- c:\program files\Battlezone II
2009-06-16 21:12 . 2008-12-18 22:04 -------- d-----w- c:\program files\AIM6
2009-06-02 17:23 . 2009-05-02 00:54 -------- d-----w- c:\program files\Hotspot Shield
2009-05-20 19:54 . 2009-04-03 18:18 33840 ----a-w- c:\windows\system32\drivers\HssDrv.sys
2009-05-19 05:22 . 2008-12-18 02:14 55880 ----a-w- c:\documents and settings\Patrik\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-19 05:03 . 2009-05-19 05:03 50 ----a-w- c:\windows\system32\bridf08b.dat
2009-05-19 05:03 . 2009-05-19 05:03 -------- d-----w- c:\program files\Brother
2009-05-19 05:03 . 2004-09-28 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-19 04:57 . 2009-05-19 04:57 -------- d-----w- c:\documents and settings\Patrik\Application Data\InstallShield
2009-05-19 04:56 . 2009-05-19 04:56 10134 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}\ARPPRODUCTICON.exe
2009-05-19 04:56 . 2009-05-19 04:56 -------- d-----w- c:\program files\Nuance
2009-05-19 04:55 . 2009-05-19 04:54 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-05-19 04:55 . 2009-05-19 04:55 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-05-19 04:55 . 2009-05-19 04:54 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2009-05-19 04:54 . 2004-09-28 20:14 -------- d-----w- c:\program files\Common Files\InstallShield
2009-05-19 04:54 . 2009-05-19 04:54 -------- d-----w- c:\program files\ScanSoft
2009-05-19 04:54 . 2009-05-19 04:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Brother
2009-05-18 22:00 . 2009-04-02 00:53 -------- d-----w- c:\program files\TVUPlayer
2009-05-18 21:59 . 2009-05-18 21:59 -------- d-----w- c:\documents and settings\All Users\Application Data\TVU Networks
2009-05-11 20:44 . 2008-12-18 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-05-11 20:41 . 2009-01-09 22:46 -------- d-----w- c:\program files\iTunes
2009-05-11 20:41 . 2009-01-09 22:45 -------- d-----w- c:\program files\Common Files\Apple
2009-05-11 20:39 . 2004-09-28 23:12 -------- d-----w- c:\program files\Google
2009-05-08 21:13 . 2009-05-08 21:13 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2009-05-07 01:51 . 2009-05-07 01:51 -------- d-----w- c:\program files\Total Video Converter 3-21
2009-05-07 01:38 . 2009-05-07 01:38 -------- d-----w- c:\documents and settings\Patrik\Application Data\TVU networks
2009-05-07 01:37 . 2009-05-07 01:37 -------- d-----w- c:\program files\TVUBroadcast
2009-05-04 23:56 . 2009-05-04 23:56 -------- d-----w- c:\program files\BZ2ME
2009-05-04 20:32 . 2009-05-04 20:32 -------- d-----w- c:\program files\Foxit Software
2009-05-04 20:32 . 2009-05-04 20:32 -------- d-----w- c:\documents and settings\Patrik\Application Data\Foxit
2009-05-04 19:07 . 2009-05-20 02:29 2298680 ----a-w- c:\documents and settings\Patrik\Application Data\Mozilla\Firefox\Profiles\5wr5ssgs.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2009-05-02 00:54 . 2009-05-02 00:54 0 ----a-w- c:\windows\system32\cd.dat
2009-05-01 21:03 . 2004-09-28 23:09 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-05-01 21:03 . 2004-09-28 23:09 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-05-01 21:03 . 2004-09-28 20:02 43528 ------w- c:\windows\system32\drivers\pxhelp20.sys
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-04-25 03:22 . 2009-04-25 03:22 4096 ----a-w- c:\windows\system32\drivers\nocashio.sys
2009-04-20 05:40 . 2009-05-08 21:13 2884832 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\vwpt.exe
2009-04-20 05:40 . 2009-05-08 21:13 28 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\unregister.bat
2009-04-20 05:40 . 2009-05-08 21:13 376568 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\unagi3.exe
2009-04-20 05:39 . 2009-05-08 21:13 1484496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\toolbar.exe
2009-04-20 05:39 . 2009-05-08 21:13 383128 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\tbsetup.exe
2009-04-20 05:39 . 2009-05-08 21:13 11568 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\tbinst.dll
2009-04-20 05:39 . 2009-05-08 21:13 36704 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\postproc.exe
2009-04-20 05:39 . 2009-05-08 21:13 25 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\register.bat
2009-04-20 05:39 . 2009-05-08 21:13 172840 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\setup.exe
2009-04-20 05:37 . 2009-05-08 21:13 4478456 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\ocpinst.exe
2009-04-20 05:37 . 2009-05-08 21:13 15144 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\ocpchk.dll
2009-04-20 05:37 . 2009-05-08 21:13 1225352 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\msvc9rt.exe
2009-04-20 05:37 . 2009-05-08 21:13 231728 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\migrator.exe
2009-04-20 05:37 . 2009-05-08 21:13 74536 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\instSup.dll
2009-04-20 05:37 . 2009-05-08 21:13 10544 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\imappver.dll
2009-04-20 05:36 . 2009-05-08 21:13 97072 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\bsetutil.exe
2009-04-20 05:36 . 2009-05-08 21:13 1025328 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\gui.dll
2009-04-20 05:36 . 2009-05-08 21:13 120368 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\aoldlmgr.exe
2009-04-20 05:36 . 2009-05-08 21:13 69104 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\amos.exe
2009-04-20 05:36 . 2009-05-08 21:13 37888 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\amoinst.exe
2009-04-20 05:36 . 2009-05-08 21:13 30512 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\Uninstaller.exe
2009-04-20 05:36 . 2009-05-08 21:13 142040 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\alsetup.exe
2009-04-20 05:36 . 2009-05-08 21:13 83752 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\ProgUpd.dll
2009-04-20 05:36 . 2009-05-08 21:13 95792 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\AOLFirewallMgr.dll
2009-04-20 05:36 . 2009-05-08 21:13 111920 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\AOLSearch.dll
2009-04-20 05:35 . 2009-05-08 21:13 2401960 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\AIMinst.exe
2009-04-20 05:35 . 2009-05-08 21:13 548296 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4418\AIMLang.exe
2009-04-19 04:51 . 2009-04-19 04:51 8854 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{0B2D20D2-78D9-485A-B4CF-7025AB96F8CF}\UNINST_Uninstall_G_0B2D20D278D9485AB4CF7025AB96F8CF.exe
2009-04-19 04:51 . 2009-04-19 04:51 40960 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{0B2D20D2-78D9-485A-B4CF-7025AB96F8CF}\gta_lc.exe1_0B2D20D278D9485AB4CF7025AB96F8CF.exe
2009-04-19 04:51 . 2009-04-19 04:51 40960 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{0B2D20D2-78D9-485A-B4CF-7025AB96F8CF}\gta_lc.exe_0B2D20D278D9485AB4CF7025AB96F8CF.exe
2009-04-19 04:51 . 2009-04-19 04:51 2238 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{0B2D20D2-78D9-485A-B4CF-7025AB96F8CF}\ARPPRODUCTICON.exe
2009-04-14 23:51 . 2009-04-14 23:51 8854 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{C417C098-BAFB-4231-85F7-A7E10638EBBA}\UNINST_Uninstall_G_125A40E7334C4E9DA86FF4A5DFAF8557.exe
2009-04-14 23:51 . 2009-04-14 23:51 25214 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{C417C098-BAFB-4231-85F7-A7E10638EBBA}\gtaw02.exe1_F501CF454CD2470781782D480D8968C9.exe
2009-04-14 23:51 . 2009-04-14 23:51 25214 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{C417C098-BAFB-4231-85F7-A7E10638EBBA}\gtaw02.exe_86CA2BBFCF064767AB995E1D110DA77F.exe
2009-04-14 23:51 . 2009-04-14 23:51 25214 ----a-r- c:\documents and settings\Patrik\Application Data\Microsoft\Installer\{C417C098-BAFB-4231-85F7-A7E10638EBBA}\ARPPRODUCTICON.exe
2009-04-14 01:41 . 2009-04-14 01:41 207872 ----a-w- c:\documents and settings\Patrik\Application Data\SystemRequirementsLab\SRLProxy_srl_4.dll
2009-04-14 01:41 . 2009-04-14 01:41 207872 ----a-w- c:\documents and settings\Patrik\Application Data\SystemRequirementsLab\SRLProxy_srl_3.dll
2009-04-14 01:41 . 2009-04-14 01:41 207872 ----a-w- c:\documents and settings\Patrik\Application Data\SystemRequirementsLab\SRLProxy_srl_2.dll
2009-04-14 01:41 . 2009-04-14 01:41 207872 ----a-w- c:\documents and settings\Patrik\Application Data\SystemRequirementsLab\SRLProxy_srl_1.dll
2009-04-12 21:01 . 2009-01-15 21:09 520192 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGMDll.dll
2009-04-12 00:51 . 2009-04-11 13:55 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-04-01 20:24 . 2009-04-01 20:24 152576 ----a-w- c:\documents and settings\Patrik\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-03-28 03:59 . 2009-03-28 03:59 27136 ----a-w- c:\windows\~GLH0000.TMP
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\docume~1\Bryan\LOCALS~1\Temp ----
((((((((((((((((((((((((((((( SnapShot@2009-06-25_04.28.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-25 13:30 . 2009-06-25 13:30 16384 c:\windows\Temp\Perflib_Perfdata_408.dat
+ 2009-06-25 04:32 . 2008-10-16 19:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-06-25 04:32 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-06-25 04:32 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-06-25 04:32 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-06-25 04:32 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-06-25 04:32 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-06-25 04:32 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-06-25 04:32 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-06-25 04:32 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-06-25 04:32 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2009-06-25 04:32 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-06-25 04:32 . 2008-10-16 01:00 666112 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-06-25 04:32 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-06-25 04:32 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-06-25 04:32 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-06-25 04:32 . 2008-04-14 00:12 108544 c:\windows\system32\dllcache\cache\services.exe
+ 2009-06-25 04:32 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-06-25 04:32 . 2008-04-14 00:11 989696 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-06-25 04:32 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-06-25 04:32 . 2008-04-14 00:11 167936 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-06-25 04:32 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-06-25 04:32 . 2008-08-14 10:09 2145280 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-06-25 04:32 . 2008-08-14 09:33 2023936 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-06-25 04:32 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\cache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-05-02 00:54 218160 ----a-w- c:\program files\Hotspot Shield\hssie\HssIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Patrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-12-18 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-09-10 344064]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-03-23 135168]
"sHotKey"="c:\program files\SONY\sHotKey\sHotKey.exe" [2003-08-22 45056]
"VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2004-01-17 135168]
"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]
"QuickFinder Scheduler"="c:\program files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE" [2001-10-02 77887]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-18 506712]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" - c:\windows\system32\Hdaudpropshortcut.exe [2004-03-17 61952]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SoundMan.exe [2004-07-28 77824]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2004-07-28 2551808]
c:\documents and settings\Patrik\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-3-27 576000]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2009-3-27 1719496]
Wireless Configuration Utility.lnk - c:\program files\TRENDnet\TEW-424UB\WlanCU.exe [2007-7-10 634880]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Army Men RTS\\Army Men RTS.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\SIERRA\\Half-Life\\hlds.exe"=
"c:\\Program Files\\Battlezone II 11\\bzone.exe"=
"c:\\Program Files\\Sierra\\FEAR\\FEARServer.exe"=
"c:\\Program Files\\Sierra\\FEAR\\fpupdate.exe"=
"c:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"c:\\Program Files\\Sierra\\FEAR\\FEARMP.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto\\WINO\\Grand Theft Auto.exe"=
"c:\\Program Files\\TVUBroadcast\\TVUBroadcast.exe"=
"c:\\Program Files\\AIM6\\aim.exe"=
"c:\\Program Files\\Battlezone II\\bzone.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58645:TCP"= 58645:TCP:Pando Media Booster
"58645:UDP"= 58645:UDP:Pando Media Booster
"17770:TCP"= 17770:TCP:ENABLE
"17770:UDP"= 17770:UDP:ENABLE
"17771:TCP"= 17771:TCP:ENABLE
"17771:UDP"= 17771:UDP:ENABLE
"17772:TCP"= 17772:TCP:ENABLE
"17772:UDP"= 17772:UDP:ENABLE
"17773:TCP"= 17773:TCP:ENABLE
"17773:UDP"= 17773:UDP:ENABLE
"17774:TCP"= 17774:TCP:ENABLE
"17774:UDP"= 17774:UDP:ENABLE
"17775:TCP"= 17775:TCP:ENABLE
"17775:UDP"= 17775:UDP:ENABLE
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [1/30/2009 10:51 AM Demented 64160]
R2 HssSrv;Hotspot Shield Helper Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [6/1/2009 2:13 PM Demented 331312]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM Demented 921936]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
R2 NICSer_WUSB11;NICSer_WUSB11;c:\program files\Linksys\Wireless-B USB Network Adapter\NICServ.exe [10/26/2008 9:10 PM Demented 458752]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [4/7/2009 8:26 PM Demented 33792]
R3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;c:\windows\system32\drivers\RTL8187B.sys [11/29/2008 8:25 PM Demented 264576]
R3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [10/3/2002 1:57 AM Demented 13532]
S3 akbdclas;akbdclas;\??\c:\docume~1\Patrik\LOCALS~1\Temp\akbdclas.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\akbdclas.sys [?]
S3 apciidex;apciidex;\??\c:\docume~1\Patrik\LOCALS~1\Temp\apciidex.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\apciidex.sys [?]
S3 ediskdum;ediskdum;\??\c:\docume~1\Patrik\LOCALS~1\Temp\ediskdum.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\ediskdum.sys [?]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.exe [6/1/2009 2:58 PM Demented 34352]
S3 m4301a;Linksys Wireless-B USB Network Adapter v4.0 Driver;c:\windows\system32\drivers\m4301A.sys [10/26/2008 10:23 PM Demented 83552]
S3 PRISM_USB;Linksys Wireless-B USB Network Adapter Driver;c:\windows\system32\drivers\LSPMUSB.sys [10/26/2008 9:10 PM Demented 666624]
S3 SaegisP;SaegisP;\??\c:\docume~1\Patrik\LOCALS~1\Temp\SaegisP.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\SaegisP.sys [?]
S3 tfdc;tfdc;\??\c:\docume~1\Patrik\LOCALS~1\Temp\tfdc.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\tfdc.sys [?]
S3 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [10/26/2008 5:27 PM Demented 118877]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;c:\program files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM --> c:\program files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM [?]
S3 yfastfat;yfastfat;\??\c:\docume~1\Patrik\LOCALS~1\Temp\yfastfat.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\yfastfat.sys [?]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - SJYPKT
.
Contents of the 'Scheduled Tasks' folder
2009-06-19 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 21:34]
2009-06-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2009-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4005589452-2318379434-3939991973-1006.job
- c:\documents and settings\Patrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-18 02:14]
2009-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4005589452-2318379434-3939991973-1007.job
- c:\documents and settings\Bryan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-12 22:12]
2008-10-26 c:\windows\Tasks\Registration reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-09-28 00:12]
2008-10-26 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-09-28 00:12]
2008-10-26 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-09-28 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.orbitdownloader.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLH
uInternet Connection Wizard,ShellNext = hxxp://www.sony.com/vaiopeople
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Download All by FlashGet - c:\program files\FlashGet\jc_all.htm
IE: Download using FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: {6331A031-3BF1-4E08-890F-33ECCC758051} = 10.13.144.1
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-25 09:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1120)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-06-25 9:58
ComboFix-quarantined-files.txt 2009-06-25 13:58
ComboFix2.txt 2009-06-25 04:33
Pre-Run: 26,957,746,176 bytes free
Post-Run: 26,939,850,752 bytes free
331 --- E O F --- 2009-01-14 04:15
As for the VirusTotal scan: it couldn't find the file....
GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-06-25 11:55:01
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.15 ----
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF78DF87E]
SSDT F7EAC1E4 ZwCreateThread
SSDT F7EAC1D0 ZwOpenProcess
SSDT F7EAC1D5 ZwOpenThread
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF78DFC10]
SSDT F7EAC1DF ZwTerminateProcess
SSDT F7EAC1DA ZwWriteVirtualMemory
Code \??\C:\DOCUME~1\Patrik\LOCALS~1\Temp\catchme.sys pIofCallDriver
---- Kernel code sections - GMER 1.0.15 ----
? C:\DOCUME~1\Patrik\LOCALS~1\Temp\catchme.sys The system cannot find the file specified. !
? C:\WINDOWS\system32\Drivers\PROCEXP90.SYS The system cannot find the file specified. !
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 417404
---- EOF - GMER 1.0.15 ----
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:22 AM Demented, on 6/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\Linksys\Wireless-B USB Network Adapter\NICServ.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\SONY\sHotKey\sHotKey.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Documents and Settings\Patrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sHotKey] "C:\Program Files\SONY\sHotKey\sHotKey.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Patrik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 5076077000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5074629406
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6331A031-3BF1-4E08-890F-33ECCC758051}: NameServer = 10.13.144.1
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: NICSer_WUSB11 - Unknown owner - C:\Program Files\Linksys\Wireless-B USB Network Adapter\NICServ.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
--
End of file - 13477 bytes