Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
ComboFix 08-05-01.3 - Owner 2008-05-12 16:27:13.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.199 [GMT -4:00]
Running from: F:\Documents and Settings\Owner\Desktop\ComboFix.exe
Command switches used :: F:\Documents and Settings\Owner\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
F:\WINDOWS\b2new.exe
F:\WINDOWS\system32\efcDVpMg.dll
F:\WINDOWS\system32\egpqgarc.dll
F:\WINDOWS\SYSTEM32\ljJbBSIy.dll
F:\WINDOWS\system32\ljJbBSIy.dll
F:\WINDOWS\system32\lvxjuonp.dll
F:\WINDOWS\system32\mtkbudex.dll
F:\WINDOWS\system32\nnnnNGVp.dll
F:\WINDOWS\system32\smuqsuiw.dll
F:\WINDOWS\system32\sockins32.dll
F:\WINDOWS\system32\wiusqums.ini
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
F:\Documents and Settings\All Users\Application Data\rezgdwhm
F:\WINDOWS\b2new.exe
F:\WINDOWS\system32\efcDVpMg.dll
F:\WINDOWS\system32\egpqgarc.dll
F:\WINDOWS\system32\ljJbBSIy.dll
F:\WINDOWS\system32\lvxjuonp.dll
F:\WINDOWS\system32\mtkbudex.dll
F:\WINDOWS\system32\nnnnNGVp.dll
F:\WINDOWS\system32\smuqsuiw.dll
F:\WINDOWS\system32\sockins32.dll
F:\WINDOWS\system32\wiusqums.ini
.
((((((((((((((((((((((((( Files Created from 2008-04-12 to 2008-05-12 )))))))))))))))))))))))))))))))
.
2008-05-11 10:40 . 2008-05-11 10:40 41,724 ---hs---- F:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
2008-05-10 23:28 . 2008-05-10 23:28 54,156 --ah----- F:\WINDOWS\QTFont.qfn
2008-05-10 23:28 . 2008-05-10 23:28 1,409 --a------ F:\WINDOWS\QTFont.for
2008-05-10 20:34 . 2008-05-10 20:34 <DIR> d-------- F:\WINDOWS\system32\Kaspersky Lab
2008-05-10 20:34 . 2008-05-10 20:34 <DIR> d-------- F:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-09 16:14 . 2008-05-09 16:14 250 --a------ F:\WINDOWS\gmer.ini
2008-05-09 09:22 . 2008-05-09 09:22 <DIR> d-------- F:\Program Files\Malwarebytes' Anti-Malware
2008-05-09 09:22 . 2008-05-09 09:22 <DIR> d-------- F:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-05-09 09:22 . 2008-05-09 09:22 <DIR> d-------- F:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-09 09:22 . 2008-05-05 20:46 27,048 --a------ F:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-09 09:22 . 2008-05-05 20:46 15,864 --a------ F:\WINDOWS\system32\drivers\mbam.sys
2008-05-01 23:01 . 2008-05-01 23:01 24,576 --a------ F:\WINDOWS\system32\VundoFixSVC.exe
2008-05-01 21:57 . 2008-05-01 21:57 8 --a------ F:\WINDOWS\system32\0000fdec
2008-04-26 11:41 . 2008-04-26 11:41 <DIR> d-------- F:\Documents and Settings\Owner\Application Data\Motive
2008-04-26 11:35 . 2008-04-26 11:35 <DIR> d-------- F:\WINDOWS\system32\LogFiles
2008-04-26 08:33 . 2003-07-16 16:24 4,224 --a------ F:\WINDOWS\system32\beep.sys
2008-04-26 08:31 . 2008-04-26 08:31 <DIR> d-------- F:\WINDOWS\system32\xcsDd06
2008-04-26 08:31 . 2008-05-11 10:54 1,906 --a------ F:\WINDOWS\index.html
2008-04-24 17:12 . 2008-02-22 02:33 69,632 --a------ F:\WINDOWS\system32\javacpl.cpl
2008-04-24 15:43 . 2007-09-06 00:22 289,144 --a------ F:\WINDOWS\system32\VCCLSID.exe
2008-04-24 15:43 . 2006-04-27 17:49 288,417 --a------ F:\WINDOWS\system32\SrchSTS.exe
2008-04-24 15:43 . 2008-04-24 08:10 86,528 --a------ F:\WINDOWS\system32\VACFix.exe
2008-04-24 15:43 . 2008-04-23 22:14 82,944 --a------ F:\WINDOWS\system32\IEDFix.exe
2008-04-24 15:43 . 2008-04-23 22:14 82,944 --a------ F:\WINDOWS\system32\404Fix.exe
2008-04-24 15:43 . 2004-07-31 18:50 51,200 --a------ F:\WINDOWS\system32\dumphive.exe
2008-04-24 15:43 . 2007-10-04 00:36 25,600 --a------ F:\WINDOWS\system32\WS2Fix.exe
2008-04-24 15:40 . 2008-04-24 15:40 3,798 --a------ F:\WINDOWS\system32\tmp.reg
2008-04-24 15:23 . 2008-04-24 15:23 <DIR> d-------- F:\Documents and Settings\Administrator
2008-04-24 15:23 . 2008-05-12 16:25 1,024 --ah----- F:\Documents and Settings\Administrator\ntuser.dat.LOG
2008-04-23 19:15 . 2008-05-09 11:54 <DIR> d-------- F:\VundoFix Backups
2008-04-23 14:04 . 2008-04-23 14:04 <DIR> d-------- F:\Documents and Settings\All Users\Application Data\McAfee
2008-04-21 01:25 . 2008-05-11 14:26 109,709 --a------ F:\WINDOWS\BMcf339d83.xml
2008-04-20 14:36 . 2008-03-01 09:06 6,066,176 -----c--- F:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-20 14:36 . 2007-06-30 23:31 2,455,488 -----c--- F:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-20 14:36 . 2007-06-30 23:36 991,232 -----c--- F:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-20 14:36 . 2008-03-01 09:06 459,264 -----c--- F:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-20 14:36 . 2008-03-01 09:06 383,488 -----c--- F:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-20 14:36 . 2008-03-01 09:06 267,776 -----c--- F:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-20 14:36 . 2008-03-01 09:06 63,488 -----c--- F:\WINDOWS\system32\dllcache\icardie.dll
2008-04-20 14:36 . 2008-03-01 09:06 52,224 -----c--- F:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-20 14:36 . 2008-02-22 06:00 13,824 -----c--- F:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-20 14:32 . 2007-08-13 18:54 33,792 --a--c--- F:\WINDOWS\system32\dllcache\custsat.dll
2008-04-20 13:09 . 2008-05-06 16:59 1,061 --a------ F:\WINDOWS\wininit.ini
2008-04-20 12:14 . 2008-04-20 12:13 691,545 --a------ F:\WINDOWS\unins000.exe
2008-04-20 12:14 . 2008-04-20 12:14 2,542 --a------ F:\WINDOWS\unins000.dat
2008-04-20 11:11 . 2008-04-20 11:11 <DIR> d-------- F:\WINDOWS\mgwwgmke
2008-04-20 11:10 . 2008-04-20 11:10 398 --a------ F:\WINDOWS\system32\LE5C0.tmp
2008-04-20 11:10 . 2008-04-20 11:10 398 --a------ F:\WINDOWS\system32\LE504.tmp
2008-04-20 11:10 . 2008-04-20 11:10 398 --a------ F:\WINDOWS\system32\LE3BC.tmp
2008-04-20 11:10 . 2008-04-20 11:10 398 --a------ F:\WINDOWS\system32\LE310.tmp
2008-04-16 17:55 . 2004-08-04 03:56 159,232 --a------ F:\WINDOWS\system32\ptpusd.dll
2008-04-16 17:55 . 2004-08-04 01:58 15,104 --a------ F:\WINDOWS\system32\drivers\usbscan.sys
2008-04-16 17:55 . 2004-08-04 01:58 15,104 --a--c--- F:\WINDOWS\system32\dllcache\usbscan.sys
2008-04-16 17:55 . 2001-08-17 22:36 5,632 --a------ F:\WINDOWS\system32\ptpusb.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-12 20:25 --------- d-----w F:\Documents and Settings\Owner\Application Data\SlimBrowser
2008-05-06 12:51 --------- d-----w F:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-06 12:50 9,344 ----a-w F:\WINDOWS\system32\drivers\NSDriver.sys
2008-05-06 12:50 8,320 ----a-w F:\WINDOWS\system32\drivers\AWRTRD.sys
2008-05-06 11:06 --------- d-----w F:\Program Files\AIMTunes
2008-04-28 01:31 61,328 ----a-w F:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
2008-04-27 17:28 --------- d-----w F:\Documents and Settings\All Users\Application Data\Motive
2008-04-24 21:12 --------- d-----w F:\Program Files\Java
2008-04-20 17:14 --------- d-----w F:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-20 16:42 --------- d-----w F:\Program Files\Spybot - Search & Destroy
2008-04-05 14:40 --------- d-----w F:\Documents and Settings\LocalService\Application Data\SlimBrowser
2008-03-22 17:38 --------- d-----w F:\Documents and Settings\Owner\Application Data\Apple Computer
.
((((((((((((((((((((((((((((( snapshot@2008-05-07_19.20.06.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-07-26 04:39:43 110,080 ----a-w F:\WINDOWS\$hf_mig$\KB902400\SP2GDR\clbcatex.dll
+ 2005-07-26 04:39:43 498,688 ----a-w F:\WINDOWS\$hf_mig$\KB902400\SP2GDR\clbcatq.dll
+ 2005-07-26 04:20:23 110,080 ----a-w F:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll
+ 2005-07-26 04:20:24 498,688 ----a-w F:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll
+ 2005-07-26 04:30:38 110,080 -c----w F:\WINDOWS\$NtServicePackUninstall$\clbcatex.dll
+ 2005-07-26 04:30:41 497,152 -c----w F:\WINDOWS\$NtServicePackUninstall$\clbcatq.dll
+ 2004-08-04 07:56:41 110,080 -c----w F:\WINDOWS\$NtUninstallKB902400$\clbcatex.dll
+ 2004-08-04 07:56:41 501,248 -c----w F:\WINDOWS\$NtUninstallKB902400$\clbcatq.dll
+ 2003-07-16 20:25:27 100,864 -c----w F:\WINDOWS\$NtUninstallKB902400_0$\clbcatex.dll
+ 2003-07-16 20:25:28 468,480 -c----w F:\WINDOWS\$NtUninstallKB902400_0$\clbcatq.dll
- 2008-05-07 23:15:08 2,048 --s-a-w F:\WINDOWS\bootstat.dat
+ 2008-05-12 20:33:03 2,048 --s-a-w F:\WINDOWS\bootstat.dat
+ 2008-05-09 20:14:16 819,200 ----a-w F:\WINDOWS\gmer.dll
+ 2008-05-09 20:14:01 761,856 ----a-w F:\WINDOWS\gmer.exe
+ 2004-08-04 07:56:41 110,080 ------w F:\WINDOWS\ServicePackFiles\i386\clbcatex.dll
+ 2004-08-04 07:56:41 501,248 ------w F:\WINDOWS\ServicePackFiles\i386\clbcatq.dll
+ 2003-07-16 20:25:27 10,752 ----a-w F:\WINDOWS\system32\clb.dll
+ 2005-07-26 04:39:43 110,080 ----a-w F:\WINDOWS\system32\clbcatex.dll
+ 2005-07-26 04:39:43 498,688 ----a-w F:\WINDOWS\system32\clbcatq.dll
+ 2003-07-16 20:25:27 10,752 -c--a-w F:\WINDOWS\system32\dllcache\clb.dll
+ 2008-05-09 20:14:16 86,097 ----a-w F:\WINDOWS\system32\drivers\gmer.sys
+ 2005-05-24 16:27:16 213,048 ----a-w F:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 19:47:20 94,208 ----a-w F:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 19:49:54 950,272 ----a-w F:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2008-05-11 14:54:48 2,048 ----a-w F:\WINDOWS\system32\pdfostrl.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="F:\Program Files\AIM6\aim6.exe" [2007-09-29 16:22 50528]
"ctfmon.exe"="F:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="F:\WINDOWS\System32\igfxtray.exe" [2003-04-07 00:19 155648]
"HotKeysCmds"="F:\WINDOWS\System32\hkcmd.exe" [2003-04-07 00:07 114688]
"MCAgentExe"="f:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29 303104]
"MCUpdateExe"="f:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05 212992]
"VirusScan Online"="F:\Program Files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49 163840]
"VSOCheckTask"="F:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18 151552]
"OASClnt"="F:\Program Files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02 53248]
"PDUiP6000DMon"="F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe" [2004-05-31 13:26 57344]
"PDUiP6000DTskbr"="F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe" [2004-05-28 09:29 69632]
"Microsoft Works Update Detection"="F:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-16 21:21 28672]
"QuickTime Task"="F:\PROGRA~1\QUICKT~1\qttask.exe" [2006-09-01 15:57 282624]
"iTunesHelper"="F:\Program Files\iTunes\iTunesHelper.exe" [2006-09-12 01:58 229952]
"SunJavaUpdateSched"="F:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Verizon_McciTrayApp"="F:\Program Files\Verizon\McciTrayApp.exe" [2007-09-28 14:30 936960]
"VerizonServicepoint.exe"="F:\Program Files\Verizon\VSP\VerizonServicepoint.exe" [2007-05-11 16:20 2061816]
"000000af"="F:\WINDOWS\system32\smuqsuiw.dll" [ ]
F:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
Microsoft Office.lnk - F:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"F:\\Program Files\\AIM\\aim.exe"=
"F:\\Program Files\\iTunes\\iTunes.exe"=
"F:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"F:\\Program Files\\AIM6\\aim6.exe"=
"F:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R2 Viewpoint Manager Service;Viewpoint Manager Service;"F:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
.
Contents of the 'Scheduled Tasks' folder
"2008-05-11 13:14:00 F:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- F:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 16:33:46
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
F:\Program Files\McAfee.com\Agent\Mcdetect.exe
F:\PROGRA~1\McAfee.com\VSO\McShield.exe
F:\PROGRA~1\McAfee.com\Agent\McTskshd.exe
F:\PROGRA~1\McAfee.com\VSO\McVSEscn.exe
F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\AIM6\aolsoftware.exe
F:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
.
**************************************************************************
.
Completion time: 2008-05-12 16:40:36 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-12 20:40:33
ComboFix2.txt 2008-05-11 18:42:12
ComboFix3.txt 2008-05-11 18:26:02
ComboFix4.txt 2008-05-07 23:20:26
Pre-Run: 67,437,780,992 bytes free
Post-Run: 67,428,511,744 bytes free
212 --- E O F --- 2008-04-21 07:01:15
Logfile of HijackThis v1.99.1
Scan saved at 4:41:27 PM, on 5/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
F:\WINDOWS\system32\spoolsv.exe
f:\program files\mcafee.com\agent\mcdetect.exe
f:\PROGRA~1\mcafee.com\vso\mcshield.exe
f:\PROGRA~1\mcafee.com\agent\mctskshd.exe
f:\PROGRA~1\mcafee.com\vso\OasClnt.exe
f:\program files\mcafee.com\vso\mcvsshld.exe
f:\progra~1\mcafee.com\vso\mcvsescn.exe
F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Viewpoint\Common\ViewpointService.exe
F:\WINDOWS\System32\hkcmd.exe
F:\PROGRA~1\mcafee.com\agent\mcagent.exe
F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe
F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe
F:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
F:\PROGRA~1\QUICKT~1\qttask.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
F:\Program Files\Verizon\McciTrayApp.exe
F:\Program Files\Verizon\VSP\VerizonServicepoint.exe
F:\Program Files\AIM6\aim6.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\AIM6\aolsoftware.exe
F:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
F:\WINDOWS\system32\wuauclt.exe
F:\WINDOWS\explorer.exe
F:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = file://c:/windows/homepage.html
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - f:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - F:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [IgfxTray] F:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] F:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MCAgentExe] f:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] f:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] F:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [VSOCheckTask] "F:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] F:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [PDUiP6000DMon] F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe
O4 - HKLM\..\Run: [PDUiP6000DTskbr] F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] F:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\PROGRA~1\QUICKT~1\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Verizon_McciTrayApp] F:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "F:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [000000af] rundll32.exe "F:\WINDOWS\system32\smuqsuiw.dll",b
O4 - HKCU\..\Run: [Aim6] "F:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://F:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://F:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://F:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://F:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - F:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfi...IOS/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,26/mcgdmgr.cab
O20 - Winlogon Notify: igfxcui - F:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - F:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: iPod Service - Apple Computer, Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - f:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - f:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - f:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - F:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Canon PIXMA iP6000D Memory Card Manager (PDUiP6000DMemCrdMgr) - CANON INC. - F:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - F:\Program Files\Viewpoint\Common\ViewpointService.exe
