I noticed that whenever I google search, and then click on a link..it takes me to a different page, as in a different search engine entering my search terms
Here's the CF log
ComboFix 08-04-27.3 - Brandon Thepvongsa 2008-04-28 19:18:29.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.588 [GMT -7:00]
Running from: C:\Documents and Settings\Brandon Thepvongsa\desktop\combofix.exe
Command switches used :: /killall
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\NetworkService\Application Data\NetMon
C:\Documents and Settings\NetworkService\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon\log.txt
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinAntiVirus Pro 2007
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinAntiVirus Pro 2007\avtasks.dat
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinAntiVirus Pro 2007\CookieList.dat
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinAntiVirus Pro 2007\history.db
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinAntiVirus Pro 2007\Logs\update.log
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinAntiVirus Pro 2007\Logs\wa7Support.log
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinAntiVirus Pro 2007\Logs\winav.log
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinAntiVirus Pro 2007\PGE.dat
C:\Documents and Settings\Singha Thepvongsa\Application Data\WinTouch
C:\Program Files\SoftwareOnline
C:\Program Files\SoftwareOnline\soproc.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\lfn.exe
C:\WINDOWS\mainms.vpi
C:\WINDOWS\megavid.cdt
C:\WINDOWS\muotr.so
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\acccKkkj.ini
C:\WINDOWS\system32\acccKkkj.ini2
C:\WINDOWS\system32\aejneidn.ini
C:\WINDOWS\system32\aevtrfag.dll
C:\WINDOWS\system32\cxclivkg.dll
C:\WINDOWS\system32\eltitdmv.ini
C:\WINDOWS\system32\fccagksj.ini
C:\WINDOWS\system32\fkdyekiq.dll
C:\WINDOWS\system32\gafrtvea.ini
C:\WINDOWS\system32\gkvilcxc.ini
C:\WINDOWS\system32\hbtdvjht.dll
C:\WINDOWS\system32\iifeBRLF.dll
C:\WINDOWS\system32\imdqkbvb.ini
C:\WINDOWS\system32\kmrpkqha.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mxxsfcme.ini
C:\WINDOWS\system32\nngnncrc.dll
C:\WINDOWS\system32\pelqhbgo.ini
C:\WINDOWS\system32\pmkkevry.dll
C:\WINDOWS\system32\pqexnlnw.ini
C:\WINDOWS\system32\pqstv.bak1
C:\WINDOWS\system32\qppxdlev.ini
C:\WINDOWS\system32\ssqNHxwx.dll
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\vagtowiy.ini
C:\WINDOWS\system32\vqgfxcne.dll
C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\vwencmdg.ini
C:\WINDOWS\system32\win
C:\WINDOWS\system32\xlrfxgty.ini
C:\WINDOWS\system32\xwxHNqss.ini
C:\WINDOWS\system32\xwxHNqss.ini2
C:\WINDOWS\system32\xxyftejt.ini
C:\WINDOWS\system32\yqaidhur.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MSSECURITY1.209.4
-------\Service_MsSecurity1.209.4
((((((((((((((((((((((((( Files Created from 2008-03-28 to 2008-04-29 )))))))))))))))))))))))))))))))
.
2008-04-28 17:28 . 2008-04-28 17:29 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-28 17:18 . 2008-04-28 17:18 578 --a------ C:\WINDOWS\index.html
2008-04-28 12:02 . 2008-04-28 12:02 <DIR> d-------- C:\Documents and Settings\Brandon Thepvongsa\Application Data\SUPERAntiSpyware.com
2008-04-28 11:08 . 2008-04-28 11:08 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-04-28 11:01 . 2008-04-28 16:19 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-04-28 11:01 . 2008-04-28 11:01 <DIR> d-------- C:\Documents and Settings\Singha Thepvongsa\Application Data\SUPERAntiSpyware.com
2008-04-28 11:01 . 2008-04-28 11:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-28 11:00 . 2008-04-28 11:00 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-27 22:15 . 2008-04-27 22:18 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\McAfee.com Personal Firewall
2008-04-27 15:25 . 2008-04-28 15:42 109,738 --a------ C:\WINDOWS\BM67947289.xml
2008-04-27 14:10 . 2008-04-27 14:10 <DIR> d-------- C:\WINDOWS\system32\pnVes06
2008-04-27 14:10 . 2008-04-27 14:10 <DIR> d-------- C:\Temp\zvebs14
2008-04-27 14:09 . 2004-08-04 05:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
2008-04-25 17:08 . 2008-04-25 17:08 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-04-18 16:42 . 2008-04-28 14:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-18 10:06 . 2008-04-18 10:06 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Earthlink
2008-04-17 18:44 . 2008-04-17 18:44 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\McAfee.com Personal Firewall
2008-04-17 15:48 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys
2008-04-14 18:24 . 2008-04-14 18:24 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-14 12:02 . 2008-04-27 14:08 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-03 10:32 . 2008-04-03 10:32 <DIR> d-------- C:\Program Files\Citrix
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-28 23:58 --------- d-----w C:\Documents and Settings\Singha Thepvongsa\Application Data\DNA
2008-04-28 18:00 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-27 20:43 --------- d-----w C:\Documents and Settings\Singha Thepvongsa\Application Data\MSN6
2008-04-27 18:28 --------- d-----w C:\Program Files\Axis & Allies
2008-04-26 00:07 --------- d-----w C:\Program Files\Common Files\Real
2008-04-21 04:06 --------- d-----w C:\Documents and Settings\Brandon Thepvongsa\Application Data\MSN6
2008-04-18 23:44 --------- d-----w C:\Program Files\Google
2008-04-18 05:02 --------- d-----w C:\Documents and Settings\Singha Thepvongsa\Application Data\Lexmark Productivity Studio
2008-04-17 22:48 --------- d-----w C:\Program Files\Windows Live
2008-04-17 22:47 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-17 22:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-15 05:16 --------- d-----w C:\Program Files\Jasc Software Inc
2008-04-13 10:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-22 04:16 --------- d-----w C:\Program Files\PHP
2008-03-22 04:09 --------- d-----w C:\Program Files\Apache Software Foundation
2008-03-22 00:29 --------- d-----w C:\Program Files\No-IP
2008-03-19 07:19 --------- d-----w C:\Documents and Settings\Brandon Thepvongsa\Application Data\gtk-2.0
2008-03-18 04:11 --------- d-----w C:\Documents and Settings\Brandon Thepvongsa\Application Data\Intuit
2008-03-17 18:30 --------- d-----w C:\Program Files\Inkscape
2008-03-17 18:30 --------- d-----w C:\Documents and Settings\Brandon Thepvongsa\Application Data\Inkscape
2008-03-11 16:41 --------- d-----w C:\Program Files\Lexmark 3500-4500 Series
2008-03-10 18:33 --------- d-----w C:\Program Files\Inno Setup 5
2008-03-10 17:52 --------- d-----w C:\Documents and Settings\Brandon Thepvongsa\Application Data\Lexmark Productivity Studio
2008-03-10 17:47 --------- d-----w C:\Program Files\Lexmark Fax Solutions
2008-03-10 17:46 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-03-07 05:51 --------- d-----w C:\Program Files\GrassSoft
2008-03-07 05:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grasssoft
2008-03-07 05:49 --------- d-----w C:\Program Files\Flash Website Design
2008-03-07 05:48 --------- d-----w C:\Program Files\Perfect Sound Recorder
2008-03-06 20:44 --------- d-----w C:\Program Files\Cheat Engine
2008-03-05 03:00 --------- d-----w C:\Documents and Settings\Brandon Thepvongsa\Application Data\Dev-Cpp
2008-03-05 00:25 --------- d-----w C:\Program Files\Spanish CD
2008-03-03 05:04 --------- d-----w C:\Program Files\Microsoft Money 2006
2008-03-01 00:52 --------- d-----w C:\Program Files\Common Files\Bcgsoft
2008-03-01 00:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-01 00:43 --------- d-----w C:\Program Files\The Game Creators
2008-02-29 23:46 --------- d-----w C:\Documents and Settings\Brandon Thepvongsa\Application Data\CoreFTP
2008-02-29 22:04 --------- d-----w C:\Program Files\CoreFTP
2008-02-29 03:22 --------- d-----w C:\Program Files\Conquer 2.0
2008-02-28 00:48 --------- d-----w C:\Program Files\Microsoft Visual Studio 9.0
2008-02-28 00:48 --------- d-----w C:\Program Files\Microsoft Synchronization Services
2008-02-28 00:48 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-07 19:20 439,296 ----a-w C:\Documents and Settings\Brandon Thepvongsa\GoToAssist_phone__317_en.exe
2008-02-01 22:26 21,504 -c--a-w C:\WINDOWS\jestertb.dll
2008-01-08 19:24 26,694 -c--a-w C:\Program Files\12247285-4023-8430-9530-928348073246.ico
2007-11-15 17:42 26,694 -c--a-w C:\Program Files\12247285-4023-8430-9530-928348073245.ico
2007-09-18 22:17 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
2007-05-26 22:39 64,280 -c--a-w C:\Documents and Settings\Singha Thepvongsa\Application Data\GDIPFONTCACHEV1.DAT
2006-05-09 03:43 57,312 -c--a-w C:\Documents and Settings\Brandon Thepvongsa\Application Data\GDIPFONTCACHEV1.DAT
2005-10-19 03:32 51,000 -c--a-w C:\Documents and Settings\Nancy Thepvongsa\Application Data\GDIPFONTCACHEV1.DAT
2005-10-06 23:51 389,632 -c--a-w C:\Documents and Settings\Singha Thepvongsa\remote.exe
2005-08-28 03:31 180,667 -csha-w C:\WINDOWS\Help\SBSI\dvd.bak1
2005-10-07 21:58 339,153 -csha-w C:\WINDOWS\Help\SBSI\dvd.bak2
2005-10-13 17:21 182,438 -csha-w C:\WINDOWS\Help\SBSI\dvd.ini2
2005-07-29 23:24 472 -csha-r C:\WINDOWS\U2luZ2hhICBUaGVwdm9uZ3Nh\oZ5RtZ11KF1ou3pTxA6Rtah1.vbs
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
"SpySweeper"="" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 09:24 1694208]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-16 20:52 155648]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"DellTransferAgent"="C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [2007-11-13 14:46 135168]
"Aim6"="" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 17:42 1404928]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 18:12 221184]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 14:54 57344]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-06 23:01 110592]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-05 23:05 127035]
"A Verizon App"="C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE" [2005-05-23 13:20 50744]
"MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-04-05 14:41 950272]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 19:29 303104]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [2006-01-11 13:05 212992]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [2005-03-02 19:19 143360]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2005-03-18 20:28 196608]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-13 21:36 50688]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 03:00 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 03:00 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 05:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 05:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 05:00 455168]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-14 14:49 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-14 14:46 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-10-14 14:50 114688]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-11-16 20:52 155648]
"Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" [2008-01-11 18:54 166304]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 04:42 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 11:07 435120]
"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 05:40 20480]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 11:10 312240]
"fssui"="C:\Program Files\Windows Live\Family Safety\fssui.exe" [2007-12-17 11:12 243240]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-25 17:06 185896]
C:\Documents and Settings\Singha Thepvongsa\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2007-11-14 09:30:45 3656]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-18 16:42:00 124400]
Monitor Apache Servers.lnk - C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2008-01-18 00:38:50 41041]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebProxy"= {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifeBRLF]
iifeBRLF.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Singha Thepvongsa^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\Singha Thepvongsa\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Singha Thepvongsa^Start Menu^Programs^Startup^OneNote Table Of Contents.onetoc2]
path=C:\Documents and Settings\Singha Thepvongsa\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2
backup=C:\WINDOWS\pss\OneNote Table Of Contents.onetoc2Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a------ 2007-03-15 11:09 460784 C:\Program Files\DellSupport\DSAgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a--c--- 2004-09-13 16:49 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdiamon]
--a------ 2007-03-05 05:40 20480 C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdimon.exe]
--a------ 2007-05-07 11:07 435120 C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2005-04-13 19:51 385024 C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 09:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2005-11-16 20:52 155648 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-04-18 16:42 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-04-25 17:06 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewpointPhotosDeviceConnect]
--a------ 2005-11-21 15:57 140880 C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\WINDOWS\\system32\\fxsclnt.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\lxdimon.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdipswx.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxditime.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdijswx.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\Wireless\\lxdiwpss.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdiwbgw.exe"=
"C:\\Program Files\\Java\\jdk1.6.0_03\\bin\\java.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\WINDOWS\\system32\\lxdicoms.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\lxdiamon.exe"=
"C:\\Program Files\\Lexmark 3500-4500 Series\\App4r.exe"=
"C:\\Program Files\\Abbyy FineReader 6.0 Sprint\\Scan\\ScanMan6.exe"=
"C:\\Program Files\\Lexmark Fax Solutions\\faxctr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"43594:TCP"= 43594:TCP:PkScape
R2 Apache2.2;Apache2.2;"C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe" -k runservice []
R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53]
R2 fsssvc;Windows Live OneCare Family Safety;"C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [2007-12-17 11:13]
R2 lxdi_device;lxdi_device;C:\WINDOWS\system32\lxdicoms.exe [2007-04-26 08:38]
R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe [2007-04-26 08:38]
R2 SQLWriter;SQL Server VSS Writer;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 06:29]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 14:38]
R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2008-01-11 18:39]
R2 ZuneBusEnum;Zune Bus Enumerator;c:\WINDOWS\system32\ZuneBusEnum.exe [2008-01-11 18:54]
R3 kbdcap;kbdcap;C:\WINDOWS\system32\drivers\kbdcap.sys [2008-02-02 23:36]
S3 USB_RNDIS_XP;Westell WireSpeed Dual Connect Modem;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-04 05:00]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service;c:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2008-01-11 18:54]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{66186F05-BBBB-4a39-864F-72D84615C679}]
rundll32 sockins32.dll,InitModule
.
Contents of the 'Scheduled Tasks' folder
"2008-04-29 02:30:53 C:\WINDOWS\Tasks\dfrg.job"
- C:\WINDOWS\system32\dfrg.msc
"2008-04-29 02:30:53 C:\WINDOWS\Tasks\Disk Cleanup.job"
- C:\WINDOWS\system32\cleanmgr.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-04-28 19:35:00
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\system32\drivers\clbdriver.sys 6656 bytes executable
C:\Program Files\Common Files\Real\Plugins\clbascauth.dll 25088 bytes executable
C:\WINDOWS\system32\clb.dll 10752 bytes executable
C:\WINDOWS\system32\clbcatex.dll 110080 bytes executable
C:\WINDOWS\system32\clbcatq.dll 498688 bytes executable
C:\WINDOWS\system32\clbcfg.dat 1695 bytes
C:\WINDOWS\system32\clbdll.dll 29184 bytes executable
scan completed successfully
hidden files: 7
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\clbdriver]
"imagepath"="\??\globalroot\systemroot\system32\drivers\clbdriver.sys"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdiserv.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\PROGRA~1\McAfee.com\Agent\McTskshd.exe
C:\PROGRA~1\McAfee.com\VSO\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\PROGRA~1\McAfee.com\VSO\McShield.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\VSO\McVSEscn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\PROGRA~1\McAfee.com\VSO\mcvsftsn.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-04-28 19:44:12 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-29 02:43:56
Pre-Run: 47,679,176,704 bytes free
Post-Run: 48,160,571,392 bytes free
340 --- E O F --- 2008-04-19 10:08:31
Here's the new Hijack This Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:47, on 2008-04-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
C:\WINDOWS\system32\lxdicoms.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\system32\fxssvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: (no name) - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - (no file)
R3 - URLSearchHook: (no name) - ~4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
R3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBarBHO.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -
https://support.micr...abs/MSDcode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} -
http://messenger.zon...nt.cab50997.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -
http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -
http://by135fd.bay13...es/MsnPUpld.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) -
http://h20264.www2.h...nosticsxp2k.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
http://messenger.zon...ro.cab50997.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcaf...,23/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B54F3AD8-23D1-4C34-B421-525200FCDA81}: NameServer = 206.124.64.253,206.124.65.253
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: iifeBRLF - iifeBRLF.dll (file missing)
O21 - SSODL: WebProxy - {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 13082 bytes
Edited by brandon99337, 28 April 2008 - 09:27 PM.