ComboFix Log:
ComboFix 07-12-21.4 - Laura Rampey 2007-12-30 22:21:12.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.531 [GMT -5:00]
Running from: C:\Documents and Settings\Laura Rampey\Desktop\Applications\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Program Files\Qcvpjcsa
.
((((((((((((((((((((((((( Files Created from 2007-11-28 to 2007-12-31 )))))))))))))))))))))))))))))))
.
2007-12-29 02:15 . 2007-12-30 17:20 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-12-29 02:15 . 2007-12-30 17:20 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-12-29 02:14 . 2007-12-29 02:14 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-12-28 22:20 . 2007-12-28 22:27 <DIR> d-------- C:\Program Files\America's Army
2007-12-28 19:20 . 2007-12-28 19:20 <DIR> d-------- C:\Documents and Settings\Laura Rampey\Application Data\dvdcss
2007-12-28 16:19 . 2004-08-04 02:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-12-28 16:19 . 2004-08-04 02:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2007-12-28 16:19 . 2004-08-04 03:56 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-12-28 16:19 . 2004-08-04 03:56 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2007-12-28 16:19 . 2004-08-04 01:58 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-12-28 16:19 . 2004-08-04 01:58 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-12-28 16:19 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2007-12-28 16:19 . 2001-08-17 13:48 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2007-12-28 16:19 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2007-12-28 16:19 . 2001-08-17 14:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2007-12-28 13:32 . 2007-12-28 13:32 33 --a------ C:\WINDOWS\system32\745ff611
2007-12-25 11:59 . 2007-12-25 11:59 <DIR> d-------- C:\Documents and Settings\Laura Rampey\Application Data\Apple Computer
2007-12-25 11:59 . 2007-12-30 17:33 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-25 11:59 . 2007-12-25 11:59 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-25 11:58 . 2007-12-25 11:58 <DIR> d-------- C:\Program Files\iTunes
2007-12-25 11:58 . 2007-12-25 11:58 <DIR> d-------- C:\Program Files\iPod
2007-12-25 11:56 . 2007-12-25 11:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-24 18:01 . 2007-12-24 18:01 <DIR> d-------- C:\Program Files\Nero
2007-12-24 18:01 . 2007-12-24 18:04 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-12-24 18:01 . 2007-12-24 18:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-12-23 23:03 . 2007-12-23 23:03 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-18 20:50 . 2007-12-28 14:52 <DIR> d-------- C:\Program Files\alltoavi
2007-12-18 20:23 . 2007-12-18 20:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-12-17 16:43 . 2007-10-24 17:18 1,648,011 -r-h----- C:\WINDOWS\dosapipop32.exe
2007-12-11 17:35 . 2007-12-11 17:35 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-12-11 17:35 . 2007-12-11 17:35 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2007-12-11 17:34 . 2007-12-11 17:34 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-12-11 17:34 . 2007-12-11 17:34 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-12-11 17:34 . 2007-12-11 17:34 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-12-11 17:32 . 2007-12-11 17:32 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
2007-12-11 17:32 . 2007-12-11 17:32 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-12-11 17:32 . 2007-12-11 17:32 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2007-12-11 10:57 . 2007-12-11 10:57 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2007-12-10 16:44 . 2007-12-10 16:44 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-12-10 16:37 . 2007-12-10 16:37 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-12-06 17:06 . 2007-10-31 14:09 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2007-12-06 17:02 . 2007-12-06 17:02 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-11-24 18:42 . 2007-11-24 18:42 <DIR> d-------- C:\Program Files\Apple Software Update
2007-11-24 18:42 . 2007-11-24 18:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-19 16:33 . 2007-11-19 16:33 <DIR> d-------- C:\Program Files\CCleaner
2007-11-03 21:13 . 2007-11-03 21:13 <DIR> d-------- C:\Documents and Settings\Laura Rampey\Application Data\Uniblue
2007-11-03 20:53 . 2007-11-03 20:53 <DIR> d-------- C:\Program Files\GiPo@Utilities
2007-11-03 20:53 . 2007-11-03 20:53 <DIR> d-------- C:\Program Files\Common Files\Gibinsoft Shared
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-30 22:33 --------- d-----w C:\Program Files\Steam
2007-12-30 04:38 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k7
2007-12-30 04:38 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k6
2007-12-30 04:38 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k5
2007-12-30 04:38 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k4
2007-12-30 04:38 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k3
2007-12-30 04:38 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k2
2007-12-30 04:38 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k1
2007-12-30 04:38 186,062 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k0
2007-12-28 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-28 19:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-12-28 19:30 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-25 16:57 --------- d-----w C:\Program Files\QuickTime
2007-12-25 01:15 --------- d-----w C:\Documents and Settings\Laura Rampey\Application Data\Ahead
2007-12-24 21:42 --------- d-----w C:\Documents and Settings\Laura Rampey\Application Data\LimeWire
2007-12-24 04:30 --------- d--h--w C:\Program Files\Creative Installation Information
2007-12-24 04:30 --------- d-----w C:\Program Files\Creative
2007-12-23 03:32 --------- d-----w C:\Program Files\Java
2007-12-19 01:21 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-17 03:41 --------- d-----w C:\Program Files\DivX
2007-12-11 22:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-11 22:33 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-11 22:33 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-12-11 22:33 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-11 22:33 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-12-11 22:33 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-12-11 22:33 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-12-11 22:33 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-12-11 22:33 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-12-11 22:33 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-12-11 22:33 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-12-11 22:33 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-12-10 12:00 --------- d-----w C:\Documents and Settings\Laura Rampey\Application Data\U3
2007-11-24 16:48 --------- d-----w C:\Program Files\VstPlugins
2007-11-21 02:24 --------- d-----w C:\Documents and Settings\Laura Rampey\Application Data\MSN6
2007-11-13 22:35 --------- d-----w C:\Program Files\Silkroad
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 22:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 01:03 53,248 ----a-w C:\Interop.Shell32.dll
2007-10-24 01:03 45,056 ----a-w C:\dllhost32.exe
2007-10-24 01:03 23,510,720 ----a-w C:\dotnetfx.exe
2007-10-24 01:03 16,384 ----a-w C:\dll6wise.dll
2007-10-24 01:02 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-09-04 21:12 15,360 ----a-w C:\WINDOWS\system32\drvzozr.dll
2003-04-17 08:16 447,616 ----a-w C:\WINDOWS\inf\EL2K_N64.sys
2003-04-17 08:15 147,328 ----a-w C:\WINDOWS\inf\EL2K_XP.sys
2003-04-17 08:15 147,200 ----a-w C:\WINDOWS\inf\EL2K_2K.sys
.
((((((((((((((((((((((((((((( snapshot@2007-12-28_17.30.51.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2003-09-15 20:13:10 27,648 ----a-r C:\WINDOWS\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe
+ 2007-12-28 23:24:57 27,648 ----a-r C:\WINDOWS\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe
+ 2005-02-06 00:45:26 2,222,800 ----a-w C:\WINDOWS\system32\d3dx9_24.dll
+ 2005-05-26 20:34:52 2,297,552 ----a-w C:\WINDOWS\system32\d3dx9_26.dll
+ 2005-07-23 00:59:04 2,319,568 ----a-w C:\WINDOWS\system32\d3dx9_27.dll
- 2005-12-05 22:09:18 2,323,664 ----a-w C:\WINDOWS\system32\d3dx9_28.dll
+ 2005-12-05 23:09:18 2,323,664 ----a-w C:\WINDOWS\system32\d3dx9_28.dll
+ 2006-02-03 13:43:16 2,332,368 ----a-w C:\WINDOWS\system32\d3dx9_29.dll
- 2006-03-31 16:40:58 2,388,176 ----a-w C:\WINDOWS\system32\d3dx9_30.dll
+ 2006-03-31 17:40:58 2,388,176 ----a-w C:\WINDOWS\system32\d3dx9_30.dll
+ 2006-02-03 13:41:26 14,032 ----a-w C:\WINDOWS\system32\x3daudio1_0.dll
+ 2006-02-03 13:42:06 230,096 ----a-w C:\WINDOWS\system32\xactengine2_0.dll
+ 2006-03-31 17:39:48 229,584 ----a-w C:\WINDOWS\system32\xactengine2_1.dll
+ 2006-05-31 12:24:16 230,168 ----a-w C:\WINDOWS\system32\xactengine2_2.dll
+ 2006-07-28 14:30:32 236,824 ----a-w C:\WINDOWS\system32\xactengine2_3.dll
+ 2006-03-31 17:39:24 62,672 ----a-w C:\WINDOWS\system32\xinput1_1.dll
+ 2006-07-28 14:30:14 62,744 ----a-w C:\WINDOWS\system32\xinput1_2.dll
+ 2005-12-05 23:07:30 61,136 ----a-w C:\WINDOWS\system32\xinput9_1_0.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files\Steam\Steam.exe" [2007-12-28 18:20]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03]
"MtdAcqu"="C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56]
"SpeedItUpEX"="C:\Program Files\Speeditup Free\SpeedItUp.exe" []
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 06:24]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TCASUTIEXE"="TCAUDIAG.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"itype"="c:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 16:08]
"Launch Ai Booster"="C:\Program Files\ASUS\Ai Booster\OverClk.exe" [2003-12-12 20:17]
"WinFast Schedule"="C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" [2007-05-22 09:14]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [2007-08-29 19:47]
"CAVRID"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [2007-08-29 19:47]
"cafwc"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" [2007-08-29 20:11]
"QOELOADER"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe" [2007-08-29 19:47]
"capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" [2007-08-29 20:11]
"capfupgrade"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe" [2007-08-29 20:11]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 00:01:04]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
UmxWnp.Dll 2007-05-18 13:30 79368 C:\WINDOWS\system32\UmxWNP.dll
R0 KmxStart;KmxStart;C:\WINDOWS\system32\DRIVERS\kmxstart.sys [2007-05-31 12:47]
R1 KmxAgent;KmxAgent;C:\WINDOWS\system32\DRIVERS\kmxagent.sys [2007-05-18 13:30]
R1 KmxFile;KmxFile;C:\WINDOWS\system32\DRIVERS\KmxFile.sys [2007-05-18 13:30]
R1 KmxFw;KmxFw;C:\WINDOWS\system32\DRIVERS\kmxfw.sys [2007-05-31 12:47]
R2 AsusGIO;AsusGIO;C:\Program Files\ASUS\Ai Booster\AsusGIO.sys [2003-11-26 20:15]
R2 BT848;WinFast TV2000 XP WDM Video Capture;C:\WINDOWS\system32\drivers\wf2kvcap.sys [2007-08-29 16:12]
R2 KmxCF;KmxCF;C:\WINDOWS\system32\DRIVERS\KmxCF.sys [2007-07-24 16:00]
R2 KmxSbx;KmxSbx;C:\WINDOWS\system32\DRIVERS\KmxSbx.sys [2007-05-18 13:30]
R2 tcaicchg;tcaicchg;C:\WINDOWS\System32\tcaicchg.sys [2000-06-06 13:08]
R2 TCAITDI;TCAITDI Protocol;C:\WINDOWS\system32\DRIVERS\TCAITDI.sys [2001-09-04 06:22]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;C:\WINDOWS\system32\drivers\wf2ktunr.sys [2007-08-29 16:12]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;C:\WINDOWS\system32\drivers\wf2kxbar.sys [2007-08-29 16:12]
R2 UmxAgent;HIPS Event Manager;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe" [2007-07-24 12:44]
R2 UmxCfg;HIPS Configuration Interpreter;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe" [2007-05-18 13:30]
R2 UmxPol;HIPS Policy Manager;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe" [2007-05-18 13:30]
R3 KmxCfg;KmxCfg;C:\WINDOWS\system32\DRIVERS\kmxcfg.sys [2007-05-18 13:30]
R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 15:55]
S1 vcdrom;Virtual CD-ROM Device Driver;C:\Documents and Settings\Laura Rampey\My Documents\BitTorrent Downloads\Black.And.White.2.CloneCD.Images-NOBODY\black.and.white.2.disc.1.img []
S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys [2007-10-31 14:09]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{425de021-55ba-11dc-a9ce-000c6e64d187}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
"2007-12-24 15:54:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-28 06:35:06 C:\WINDOWS\Tasks\CAAntiSpywareScan_Daily as Laura Rampey at 8 39 PM.job"
- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAAntiSpyware.ex
- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-12-30 22:27:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-30 22:30:35
C:\ComboFix2.txt ... 2007-12-28 17:34
.
2007-12-12 00:37:35 --- E O F ---
HijackThis Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:47:12 PM, on 12/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\ASUS\Ai Booster\OverClk.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\FredFlintstone.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgat...gle...D:11&q=%s
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Launch Ai Booster] C:\Program Files\ASUS\Ai Booster\OverClk.exe 1
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MtdAcqu] "C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe" /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\Speeditup Free\SpeedItUp.exe -MINI
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1188346116686
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
--
End of file - 8984 bytes