ComboFix 08-07-09.2 - Compaq_Owner 2008-07-09 20:35:01.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.594 [GMT -4:00]
Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\nsv
C:\Documents and Settings\All Users\Application Data\nsv\cache\283.dfn
C:\Documents and Settings\All Users\Application Data\nsv\keys.dat
C:\Documents and Settings\All Users\Application Data\nsv\wmv0104.dbd
C:\Documents and Settings\All Users\Application Data\nsv\wmv0106.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv0204.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv0315.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv0412.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv0504.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv0904.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv1125.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv1204.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv1215.dbd
C:\Documents and Settings\All Users\Application Data\nsv\wmv1909.ddx
C:\Documents and Settings\All Users\Application Data\nsv\wmv1920.dbd
C:\Documents and Settings\All Users\Application Data\nsv\wmv2007.dbd
C:\lswmv.ini
C:\Program Files\Common Files\uninstall information
C:\Program Files\Common Files\uninstall information\RemoveDisplayUtility.exe
C:\WINDOWS\hosts
C:\WINDOWS\system32\oeminfo.ini
.
((((((((((((((((((((((((( Files Created from 2008-06-10 to 2008-07-10 )))))))))))))))))))))))))))))))
.
2008-07-05 18:44 . 2008-07-05 18:44 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-05 18:44 . 2008-07-05 18:44 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
2008-07-05 18:44 . 2008-07-05 18:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-05 18:44 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-05 18:44 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-05 16:23 . 2008-07-05 16:23 <DIR> d-------- C:\Program Files\Abexo
2008-07-05 16:01 . 2008-07-05 16:01 <DIR> d-------- C:\Program Files\RegCure
2008-06-29 22:09 . 2008-06-29 22:09 <DIR> d-------- C:\Program Files\Iomega
2008-06-26 00:06 . 2008-06-26 00:06 7,496,920 --a------ C:\Program Files\Firefox Setup 3.0.exe
2008-06-13 11:15 . 2008-06-13 11:15 224 --a------ C:\WINDOWS\system32\9B13A86D.plf
2008-06-13 10:02 . 2008-06-13 10:02 <DIR> d-------- C:\Program Files\ParetoLogic
2008-06-13 10:02 . 2008-06-13 10:02 <DIR> d-------- C:\Program Files\Common Files\ParetoLogic
2008-06-13 10:02 . 2008-06-13 10:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ParetoLogic
2008-06-13 10:02 . 2008-06-13 10:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-06-13 09:49 . 2008-06-13 09:49 <DIR> d-------- C:\Program Files\Conduit
2008-06-13 09:46 . 2008-06-13 09:46 <DIR> d-------- C:\Program Files\Lphant
2008-06-13 09:46 . 2008-06-13 09:47 <DIR> d-------- C:\Program Files\AdVantage
2008-06-13 09:07 . 2008-06-13 09:07 <DIR> d-------- C:\Program Files\CardRecovery
2008-06-10 21:45 . 2008-06-13 09:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-10 21:45 . 2008-06-13 09:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-09 12:47 --------- d-----w C:\Program Files\Quicken
2008-07-05 20:18 4,734 ----a-w C:\Program Files\RegCure_1.5.0.0_and_Working_Crack.torrent
2008-07-05 20:15 1,340 ----a-w C:\Program Files\RegCure.v1.5.._PRE-CRACKED.torrent
2008-06-25 13:24 --------- d---a-w C:\Program Files\PC-Doctor for Windows
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 13:49 --------- d-----w C:\Program Files\BitLord
2008-06-12 15:52 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\U3
2008-06-12 15:52 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks
2008-06-08 19:26 --------- d-----w C:\Program Files\Common Files\Macromedia
2008-06-08 19:21 --------- d-----w C:\Program Files\Java
2008-06-08 19:14 --------- d-----w C:\Program Files\Macromedia
2008-06-08 19:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-08 18:59 --------- d-----w C:\Program Files\VstPlugins
2008-06-08 18:33 --------- d-----w C:\Program Files\MSN Messenger
2008-06-08 18:32 18,895,728 ----a-w C:\Program Files\Install_Messenger.exe
2008-06-08 18:26 --------- d-----w C:\Program Files\Image-Line
2008-06-08 18:15 --------- d-----w C:\Program Files\MySpace
2008-06-08 18:13 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-05-19 23:31 --------- d-----w C:\Program Files\Morpheus
2008-05-17 22:10 --------- d-----w C:\Program Files\Azureus
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-26 02:26 779,312 -c--a-w C:\Program Files\MoveMediaPlayer_07074039.exe
2007-04-15 17:17 365,824 ----a-w C:\Program Files\bot250.zip
2007-04-05 14:35 5,154,816 -c--a-w C:\Program Files\WindowsDefender.msi
2006-10-25 17:49 322,329 -c--a-w C:\Program Files\Info101.widget
2006-08-30 01:29 198,254 ----a-w C:\Program Files\ProShots File Update.zip
2006-08-30 01:27 28,526,781 ----a-w C:\Program Files\Candid 2000 Mask.zip
2006-08-30 00:58 7,038,375 -c--a-w C:\Program Files\IPhotos Setup Install.exe
2006-08-14 03:26 1,355,912 -c--a-w C:\Program Files\install_flash_player.exe
2006-08-07 00:39 13,130,032 ----a-w C:\Program Files\IE7BETA3-WindowsXP-x86-enu.exe
2006-03-21 21:34 26,922 -c--a-w C:\Program Files\MoviePass Terms.html
2005-09-16 13:46 635,569 -c--a-w C:\Program Files\XviD-1.0.3-20122004.exe
2005-08-03 18:38 826 ----a-w C:\Program Files\install.adb
2005-06-03 17:32 1,094,021 ----a-w C:\Program Files\DVD Shrink 3.2, make Perfect copies of ANY DVD movie, even copyright protected material.zip
2005-04-23 02:52 315,624 ----a-w C:\Program Files\dxwebsetup.exe
2005-03-22 09:49 287,232 ----a-w C:\Program Files\Adobelmsvc Installer.dll
2005-03-22 08:29 19,533,824 ----a-w C:\Program Files\Photoshop.exe
2005-03-22 07:48 2,142,208 ----a-w C:\Program Files\PSArt.dll
2005-03-22 07:48 150,644 ----a-w C:\Program Files\TypeLibrary.tlb
2005-03-22 07:48 1,748,992 ----a-w C:\Program Files\PSViews.dll
2005-03-22 07:48 1,323,008 ----a-w C:\Program Files\Photoshop.dll
2005-03-22 07:43 1,144,622 ----a-w C:\Program Files\Tw10122.dat
2005-03-22 07:41 19,980,288 ----a-w C:\Program Files\ImageReady.exe
2005-03-22 07:13 41,984 ----a-w C:\Program Files\Plugin.dll
2005-03-16 22:57 61,440 -c--a-w C:\Program Files\regsresen_US.dll
2005-03-13 17:10 4,096,000 -c--a-w C:\Program Files\PDFL70.dll
2005-03-13 16:01 1,805,824 ----a-w C:\Program Files\AGM.dll
2005-03-11 00:31 3,715,072 -c--a-w C:\Program Files\MPS.dll
2005-03-09 21:59 1,560,169 ----a-w C:\Program Files\AdobeLM.dll
2005-03-09 08:32 151,552 -c--a-w C:\Program Files\AXE16SharedExpat.dll
2005-03-09 08:32 151,552 ----a-w C:\Program Files\AXE8SharedExpat.dll
2005-03-09 08:17 475,136 ----a-w C:\Program Files\AdobeXMP.dll
2005-03-09 08:07 630,784 ----a-w C:\Program Files\ACE.dll
2005-03-09 08:07 266,240 -c--a-w C:\Program Files\ARE.dll
2005-03-09 08:07 217,088 ----a-w C:\Program Files\BIBUtils.dll
2005-03-09 08:07 2,162,688 ----a-w C:\Program Files\CoolType.dll
2005-03-09 08:07 180,224 ----a-w C:\Program Files\Bib.dll
2005-03-08 11:23 4,153,344 ----a-w C:\Program Files\VersionCue.dll
2005-03-08 11:23 3,170,304 ----a-w C:\Program Files\VersionCueUI.dll
2005-03-03 19:39 425,984 ----a-w C:\Program Files\AdobeUpdater.dll
2005-03-01 20:46 45,486 -c--a-w C:\Program Files\Photoshop Read Me.wri
2005-02-25 17:50 157,035 -c--a-w C:\Program Files\LegalNotices.pdf
2005-02-17 15:28 663,552 -c--a-w C:\Program Files\FileInfo.dll
2005-02-15 06:03 561,152 -c--a-w C:\Program Files\JP2KLib.dll
2005-02-11 17:45 13,842 -c--a-w C:\Program Files\Activation ReadMe.htm
2005-02-10 17:36 143,360 -c--a-w C:\Program Files\epic_eula.dll
2005-02-08 17:43 49,152 -c--a-w C:\Program Files\persresen_US.dll
2005-02-08 17:43 45,056 -c--a-w C:\Program Files\eularesen_US.dll
2005-02-07 12:45 5,632 ----a-w C:\Program Files\agldt28l.dll
2005-01-19 18:31 155,648 ----a-w C:\Program Files\epic_regs.dll
2005-01-18 16:31 114,688 ----a-w C:\Program Files\epic_pers.dll
2005-01-12 18:23 180,224 ----a-w C:\Program Files\pdfsettings.dll
2004-08-24 19:55 126,976 ----a-w C:\Program Files\asneu.dll
2004-07-26 07:16 1,117,491 ----a-w C:\Program Files\dvdshrink32setup.exe
2004-06-22 16:57 589,824 ----a-w C:\Program Files\libagluc28.dll
2003-05-08 22:34 499,712 ----a-w C:\Program Files\msvcp71.dll
2003-05-08 22:32 348,160 ----a-w C:\Program Files\msvcr71.dll
2003-01-26 15:37 3,602 -c--a-w C:\Program Files\dme.reg
2000-08-29 04:19 401,462 ----a-w C:\Program Files\MSVCP60.DLL
1999-12-03 10:01 22,800 ----a-w C:\Program Files\Shfolder.dll
1999-02-02 04:00 266,293 -c--a-w C:\Program Files\Msvcrt.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15:00 15360]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 10:59 224248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 19:04 52736]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 23:43 233472]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 23:13 98304]
"EPSON Stylus Photo R200 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE" [2003-07-08 03:00 99840]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" [2004-05-27 08:00 90112]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2004-05-21 03:50 135224]
"Network Associates Error Reporting Service"="C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe" [2003-10-07 09:48 147514]
"RtWLan"="C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe" [2005-03-25 10:13 491520]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-10-29 17:50 4620288]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-10-29 17:50 86016]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 10:59 224248]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"VTTimer"="VTTimer.exe" [2004-01-16 13:33 49152 C:\WINDOWS\system32\VTTimer.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 20:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"nwiz"="nwiz.exe" [2004-10-29 17:50 921600 C:\WINDOWS\system32\nwiz.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 14:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]
C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-04-22 23:15:57 113664]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
OptiCAL Startup.lnk - C:\Program Files\PANTONE COLORVISION\OptiCAL\OptiCAL.exe [2003-03-18 16:49:10 3657728]
TabUserW.exe.lnk - C:\WINDOWS\system32\WTablet\TabUserW.exe [2005-11-16 17:26:40 114688]
WG111v2 Smart Wizard Wireless Setting.lnk - C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe [2005-10-05 00:00:53 745472]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"C:\\Program Files\\BitLord\\BitLord.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\Lphant\\eLePhantClient.exe"=
R2 EAPPkt;Realtek EAPPkt Protocol;C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2005-03-24 15:39]
R2 NwSapAgent;SAP Agent;C:\WINDOWS\system32\svchost.exe [2004-08-04 15:00]
R3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 08:57]
S3 cvspydr2;ColorVision Spyder 2;C:\WINDOWS\system32\DRIVERS\cvspydr2.sys [2002-04-02 16:30]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2005-03-24 15:48]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05497f18-fb9f-11dc-b1f6-000fb5b6d263}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.pif
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{40d40765-36e0-11da-b0cb-000fb5b6d263}]
\Shell\Auto\command - boot.pif
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.pif
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eae0d019-6397-11db-b15d-000fb5b6d263}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL boot.pif
*Newly Created Service* - CATCHME
*Newly Created Service* - SJYPKT
.
Contents of the 'Scheduled Tasks' folder
"2008-07-01 22:26:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-07-09 12:36:48 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-07-05 22:00:00 C:\WINDOWS\Tasks\ParetoLogic Registration.job"
- C:\WINDOWS\system32\rundll32.exe@
"2008-07-09 04:33:00 C:\WINDOWS\Tasks\ParetoLogic Update Version2.job"
- C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
"2008-07-09 23:51:30 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-07-05 20:01:34 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2005-07-07 06:44:28 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-07-09 20:36:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2008-07-09 20:40:01
ComboFix-quarantined-files.txt 2008-07-10 00:38:59
Pre-Run: 76,531,044,352 bytes free
Post-Run: 78,858,219,520 bytes free
232 --- E O F --- 2008-07-09 04:34:55
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:58:15 PM, on 7/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: VS_IEHlprObj Class - {829CAB51-A4EA-4a15-87B6-4B7D0747939C} - C:\Program Files\Network Associates\VirusScan\bho.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [RtWLan] C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe /H
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: OptiCAL Startup.lnk = C:\Program Files\PANTONE COLORVISION\OptiCAL\OptiCAL.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--
End of file - 7975 bytes
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
