amphatoast
2008-06-18, 15:22
combofix log
ComboFix 08-06-16.5 - Ricardo 2008-06-18 8:05:30.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.821 [GMT -4:00]
Running from: C:\Documents and Settings\Ricardo\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\MSINET.oca
.
((((((((((((((((((((((((( Files Created from 2008-05-18 to 2008-06-18 )))))))))))))))))))))))))))))))
.
2008-06-13 14:12 . 2008-06-13 15:16 <DIR> d-------- C:\Program Files\IGZones
2008-06-10 18:49 . 2008-04-14 07:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-10 18:49 . 2008-04-14 07:01 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-05-25 14:48 . 2008-05-25 14:48 <DIR> d-------- C:\Program Files\TMobile USA
2008-05-25 14:48 . 1997-10-20 06:01 27,136 --a------ C:\WINDOWS\system32\PPCLOAD.DLL
2008-05-20 11:26 . 2008-05-20 11:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-05-20 11:25 . 2008-05-20 11:25 <DIR> d-------- C:\Program Files\Dell Support Center
2008-05-20 11:25 . 2008-05-20 11:25 <DIR> d-------- C:\Program Files\Common Files\supportsoft
2008-05-20 11:17 . 2008-05-20 11:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Dell
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-13 18:22 --------- d-----w C:\Program Files\Microsoft Games
2008-05-29 17:59 --------- d-----w C:\Program Files\The Cleaner Free
2008-05-25 18:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-15 22:51 5,376 ----a-w C:\WINDOWS\system32\drivers\MS1000.sys
2008-05-13 04:31 --------- d--h--w C:\Documents and Settings\Ricardo\Application Data\Gtek
2008-05-13 04:12 --------- d-----w C:\Program Files\DellSupport
2008-05-11 00:16 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-11 00:16 75,272 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-11 00:16 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-05-11 00:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-05-10 13:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 14:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-06 05:24 3,852 ----a-w C:\WINDOWS\system32\tmp.reg
2008-05-06 04:57 --------- d-----w C:\Program Files\CCleaner
2008-05-05 11:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Intel
2008-05-05 04:01 --------- d-----w C:\Program Files\Trend Micro
2008-05-05 03:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-03 20:03 --------- d-----w C:\Program Files\GameSpy Arcade
2008-05-03 16:55 --------- d-----w C:\Program Files\AVG
2008-05-03 16:53 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-03 16:34 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-05-03 16:34 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2008-05-03 16:34 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-04-30 05:07 61,224 ----a-w C:\Documents and Settings\Ricardo\GoToAssistDownloadHelper.exe
2008-04-30 05:07 --------- d-----w C:\Program Files\Citrix
2008-04-27 16:29 --------- d-----w C:\Program Files\Rhapsody
2008-04-24 12:10 86,528 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-04-23 11:08 --------- d-----w C:\Program Files\SanDisk
2008-04-23 11:08 --------- d-----w C:\Documents and Settings\Ricardo\Application Data\InstallShield
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2006-05-03 09:06 163,328 --sha-r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\WINDOWS\system32\msfDX.dll
.
((((((((((((((((((((((((((((( snapshot@2008-05-07_ 1.33.14.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-10-14 15:34:52 7,168 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll
+ 2004-10-14 14:34:52 7,168 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll
- 2004-10-14 15:36:18 169,984 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
+ 2004-10-14 14:36:18 169,984 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
- 2004-10-14 15:36:16 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll
+ 2004-10-14 14:36:16 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll
- 2004-10-14 15:34:54 654,848 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2004-10-14 14:34:54 654,848 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-27 07:39:13 151,583 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-12-10 12:41:14 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-21 06:56:54 1,024,000 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\browseui.dll
+ 2008-04-21 06:56:54 151,040 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\cdfview.dll
+ 2008-04-21 06:56:55 1,054,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\danim.dll
+ 2008-04-21 06:56:55 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\dxtmsft.dll
+ 2008-04-21 06:56:55 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\dxtrans.dll
+ 2008-04-21 06:56:55 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\extmgr.dll
+ 2008-04-17 10:46:59 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iedw.exe
+ 2008-04-21 06:56:56 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iepeers.dll
+ 2008-04-21 06:56:56 96,256 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\inseng.dll
+ 2008-04-21 06:56:56 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\jsproxy.dll
+ 2008-04-21 06:56:57 3,066,880 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mshtml.dll
+ 2008-04-21 06:56:57 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mshtmled.dll
+ 2008-04-21 06:56:57 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\msrating.dll
+ 2008-04-21 06:56:58 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mstime.dll
+ 2008-04-21 06:56:58 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\pngfilt.dll
+ 2008-04-21 06:56:58 1,499,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\shdocvw.dll
+ 2008-04-21 06:56:58 474,112 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\shlwapi.dll
+ 2008-04-21 06:56:58 618,496 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\urlmon.dll
+ 2008-04-21 06:56:59 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\wininet.dll
+ 2008-04-17 10:37:04 351,744 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\xpsp3res.dll
+ 2008-04-21 06:44:29 3,066,880 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\mshtml.dll
+ 2008-04-21 06:44:29 666,112 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\wininet.dll
+ 2008-04-21 06:24:01 3,067,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\mshtml.dll
+ 2008-04-21 06:24:02 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\updspapi.dll
+ 2008-05-07 04:55:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2004-08-12 13:56:47 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-12 14:00:43 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-12 14:00:43 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-12 14:00:56 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-12 14:00:56 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-08-12 14:00:56 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-12 14:00:56 151,583 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-12 14:00:57 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-12 14:00:57 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-12 14:00:58 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-12 14:01:11 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-12 14:01:15 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-12 14:01:15 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-12 14:01:16 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-12 14:01:20 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-12 14:01:25 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-12 14:01:26 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-12 14:01:27 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
- 2008-05-07 05:27:00 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-18 11:50:18 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-14 11:01:02 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2007-09-06 17:16:22 1,229,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\55EEFB3E2E930EB49B6698EF8583221C\2.0.7311\file_Dapi5.dll
+ 2007-09-06 17:16:20 1,423,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\55EEFB3E2E930EB49B6698EF8583221C\2.0.7311\file_Matrix.dll
+ 2007-09-06 17:01:36 377,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\55EEFB3E2E930EB49B6698EF8583221C\2.0.7311\file_pcd.exe
+ 2007-11-15 13:23:56 853,280 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\55EEFB3E2E930EB49B6698EF8583221C\2.0.7311\file_sprtsync.dll
+ 2007-11-15 13:24:04 1,144,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\55EEFB3E2E930EB49B6698EF8583221C\2.0.7311\file_tgctlsi.dll
+ 2007-11-15 13:24:04 2,037,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\55EEFB3E2E930EB49B6698EF8583221C\2.0.7311\file_tglib.dll
+ 2008-05-13 04:12:38 65,536 ----a-r C:\WINDOWS\Installer\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}\NewShortcut2_F04825A0D1E9444AA8D32CE95CBF1716.exe
+ 2008-05-13 04:12:38 65,536 ----a-r C:\WINDOWS\Installer\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}\Program_CheckNow_S_A865F9643D344747AD8AA93191B65DD3.exe
+ 2008-05-13 04:12:38 65,536 ----a-r C:\WINDOWS\Installer\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}\Program_FAQ_SC1_A865F9643D344747AD8AA93191B65DD3.exe
+ 2008-05-13 04:12:38 45,056 ----a-r C:\WINDOWS\Installer\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}\Program_Help_SC1_A865F9643D344747AD8AA93191B65DD3.exe
+ 2008-05-13 04:12:38 65,536 ----a-r C:\WINDOWS\Installer\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}\Program_Setting_SC_A865F9643D344747AD8AA93191B65DD3.exe
- 2008-02-16 08:59:34 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-04-21 07:03:56 1,023,488 ----a-w C:\WINDOWS\system32\browseui.dll
- 2008-02-16 08:59:35 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-04-21 07:03:56 151,040 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2008-02-16 08:59:35 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-04-21 07:03:57 1,054,208 ----a-w C:\WINDOWS\system32\danim.dll
- 2008-02-16 08:59:34 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2008-04-21 07:03:56 1,023,488 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
- 2008-02-16 08:59:35 151,040 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2008-04-21 07:03:56 151,040 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2008-02-16 08:59:35 1,054,208 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
+ 2008-04-21 07:03:57 1,054,208 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
- 2004-08-12 13:56:47 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
- 2004-08-04 04:08:00 60,288 -c--a-w C:\WINDOWS\system32\dllcache\drmk.sys
+ 2004-08-04 03:08:00 60,288 -c--a-w C:\WINDOWS\system32\dllcache\drmk.sys
- 2008-02-16 08:59:35 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-21 07:03:57 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-02-16 08:59:35 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-21 07:03:57 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-02-16 08:59:35 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-21 07:03:57 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-02-15 09:23:37 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2008-04-17 10:52:54 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2008-02-16 08:59:35 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-04-21 07:03:58 251,392 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2008-02-16 08:59:35 96,256 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-04-21 07:03:58 96,256 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2008-02-16 08:59:35 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-21 07:03:58 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-04 04:15:22 140,928 -c--a-w C:\WINDOWS\system32\dllcache\ks.sys
+ 2004-08-04 03:15:22 140,928 -c--a-w C:\WINDOWS\system32\dllcache\ks.sys
- 2004-08-12 14:00:43 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-12 14:00:43 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2008-02-16 22:29:38 3,059,712 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-21 07:03:59 3,059,712 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-02-16 08:59:37 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-21 07:03:59 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-12 14:00:56 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-08-12 14:00:56 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-12 14:00:56 151,583 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-27 08:12:54 151,583 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
- 2004-08-12 14:00:57 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-12 14:00:57 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-12 14:00:58 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
- 2004-08-12 14:01:11 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2008-02-16 08:59:37 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-21 07:03:59 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2004-08-12 14:01:15 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-12 14:01:15 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-12 14:01:16 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-12 14:01:20 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2008-02-16 08:59:37 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-21 07:03:59 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-12 14:01:25 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-12 14:01:26 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-12 14:01:27 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
- 2008-02-16 08:59:37 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-21 07:03:59 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2004-08-04 04:15:50 145,792 -c--a-w C:\WINDOWS\system32\dllcache\portcls.sys
+ 2004-03-16 16:58:20 136,960 -c--a-w C:\WINDOWS\system32\dllcache\portcls.sys
- 2007-10-29 22:43:03 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2008-02-16 08:59:38 1,494,528 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-04-21 07:04:00 1,494,528 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2008-02-16 08:59:38 474,112 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-04-21 07:04:00 474,112 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2004-08-04 04:08:04 48,640 -c--a-w C:\WINDOWS\system32\dllcache\stream.sys
+ 2004-08-04 03:08:04 48,640 -c--a-w C:\WINDOWS\system32\dllcache\stream.sys
- 2008-02-16 08:59:38 615,936 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-21 07:04:00 615,936 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-02-16 08:59:39 659,456 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-21 07:04:00 659,456 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-05-03 16:55:21 26,184 ----a-w C:\WINDOWS\system32\drivers\avgmfx86.sys
+ 2008-05-11 00:16:40 26,184 ----a-w C:\WINDOWS\system32\drivers\avgmfx86.sys
- 2004-08-04 04:08:00 60,288 ----a-w C:\WINDOWS\system32\drivers\drmk.sys
+ 2004-08-04 03:08:00 60,288 ----a-w C:\WINDOWS\system32\drivers\drmk.sys
+ 2007-02-25 16:10:48 5,376 --s-a-w C:\WINDOWS\system32\drivers\dsunidrv.sys
- 2004-08-04 04:15:22 140,928 ----a-w C:\WINDOWS\system32\drivers\ks.sys
+ 2004-08-04 03:15:22 140,928 ----a-w C:\WINDOWS\system32\drivers\ks.sys
- 2004-08-04 04:15:50 145,792 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
+ 2004-03-16 16:58:20 136,960 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
- 2004-11-15 20:37:52 264,440 ----a-w C:\WINDOWS\system32\drivers\stac97.sys
+ 2004-11-15 19:37:52 264,440 ----a-w C:\WINDOWS\system32\drivers\stac97.sys
- 2004-08-04 04:08:04 48,640 ----a-w C:\WINDOWS\system32\drivers\stream.sys
+ 2004-08-04 03:08:04 48,640 ----a-w C:\WINDOWS\system32\drivers\stream.sys
- 2008-02-16 08:59:35 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-21 07:03:57 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-02-16 08:59:35 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-21 07:03:57 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-02-16 08:59:35 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-21 07:03:57 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-02-16 08:59:35 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-04-21 07:03:58 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2008-02-16 08:59:35 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-04-21 07:03:58 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
- 2008-02-16 08:59:35 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-21 07:03:58 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-08-12 14:00:43 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-12 14:00:43 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2008-02-16 22:29:38 3,059,712 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-21 07:03:59 3,059,712 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-02-16 08:59:37 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-21 07:03:59 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-12 14:00:56 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-08-12 14:00:56 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-12 14:00:57 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-12 14:00:57 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-12 14:00:58 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-12 14:01:11 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2008-02-16 08:59:37 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-21 07:03:59 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2004-08-12 14:01:15 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-12 14:01:15 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-12 14:01:16 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-12 14:01:20 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2008-02-16 08:59:37 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-21 07:03:59 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-12 14:01:25 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-12 14:01:26 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-12 14:01:27 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
- 2008-03-09 15:38:43 53,166 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-05-10 04:45:55 53,166 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-03-09 15:38:43 380,918 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-05-10 04:45:55 380,918 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-02-16 08:59:37 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-21 07:03:59 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2004-08-04 04:08:00 60,288 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\drmk.sys
+ 2004-08-04 04:15:22 140,928 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\ks.sys
+ 2004-08-04 05:56:44 4,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\ksuser.dll
+ 2004-08-04 04:15:50 145,792 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\portcls.sys
+ 2004-08-04 04:08:04 48,640 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\stream.sys
+ 2004-08-04 05:56:58 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\wdmaud.drv
+ 2004-11-15 20:37:52 264,440 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\stac97.sys
- 2008-02-16 08:59:38 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-04-21 07:04:00 1,494,528 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2008-02-16 08:59:38 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-04-21 07:04:00 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2006-09-25 21:58:48 14,640 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-02-16 08:59:38 615,936 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-21 07:04:00 615,936 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-02-15 09:06:21 351,744 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-04-17 10:37:04 351,744 ----a-w C:\WINDOWS\system32\xpsp3res.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1CCC2492-7D12-466C-AE8C-7CBDCD9CEE4B}]
C:\WINDOWS\system32\iifecyaX.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="" []
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 13:39 1289000]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 13:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 13:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\Quickset.exe" [2006-08-03 19:51 1032192]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-11-16 02:05 127035]
"Updater"="C:\WINDOWS\system32\updater\explorer.exe" [2007-11-24 15:08 1478612]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 12:43 53248]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 09:23 202544]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-10 20:16 1177368]
"WatchDog"="C:\Program Files\mobile PhoneTools\WatchDog.exe" [2004-08-14 06:42 36864]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 02:01 110592]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 16:07 49263]
"SansaDispatch"="C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe" [2007-10-22 12:52 75584]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [ ]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 15:59 385024]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 17:22 3739648]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 22:05 344064]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2005-10-07 15:13 176128]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2008-01-11 22:16:38 39792]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2007-05-11 00:29:22 738968]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-01-10 00:31:21 671744]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 08:05:56 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll 2008-04-30 01:07 10536 C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 17:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"iPod Service"=3 (0x3)
"GoToAssist"=3 (0x3)
"aawservice"=2 (0x2)
"Creative Service for CDROM Access"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.EXE"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\IGZones\\IGZones.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"15384:TCP"= 15384:TCP:BitComet 15384 TCP
"15384:UDP"= 15384:UDP:BitComet 15384 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-10 20:16]
R1 fanio;FanIO driver;C:\WINDOWS\system32\drivers\fanio.sys [2007-02-16 05:05]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-10 20:16]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-10 20:16]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-10 20:16]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 13:32]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 09:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
S3 ATIXPGAA;ATIXPGAA;C:\dell\drivers\R74793\ATIXPGAA.SYS [2003-07-30 21:34]
S4 GoToAssist;GoToAssist;"C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe" Start=service []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{181673ea-90b6-11dc-b275-00166f142518}]
\Shell\Auto\command - sss.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sss.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2066ebf1-1672-11dd-b3b6-0011436a9b5d}]
\Shell\Auto\command - Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28714020-ae9d-11db-b052-0011436a9b5d}]
\Shell\Auto\command - H:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a10416d0-e0e9-11dc-b329-0011436a9b5d}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-18 08:07:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-18 8:08:56
ComboFix-quarantined-files.txt 2008-06-18 12:08:17
ComboFix2.txt 2008-05-07 05:33:33
Pre-Run: 6,993,231,872 bytes free
Post-Run: 7,287,406,592 bytes free
467 --- E O F --- 2008-06-11 04:14:29
hijackthis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:21:03 PM, on 6/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\updater\explorer.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\mobile PhoneTools\WatchDog.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint\Apoint.exe
C:\DOCUME~1\Ricardo\LOCALS~1\Temp\ir_ext_temp_93\autorun.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CCC2492-7D12-466C-AE8C-7CBDCD9CEE4B} - C:\WINDOWS\system32\iifecyaX.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BC7D8DE8-EF3D-4F44-8B54-03759FAC1367} - C:\WINDOWS\system32\khfDtRKd.dll (file missing)
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Updater] C:\WINDOWS\system32\updater\explorer.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SansaDispatch] C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WLANKEEPER - IntelŽ Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 9245 bytes
amphatoast
2008-06-20, 21:41
combifix log
ComboFix 08-06-16.5 - Ricardo 2008-06-20 12:46:04.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.800 [GMT -4:00]
Running from: C:\Documents and Settings\Ricardo\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Ricardo\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-05-20 to 2008-06-20 )))))))))))))))))))))))))))))))
.
2008-06-20 12:39 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-18 13:23 . 2008-06-18 13:24 <DIR> d-------- C:\Documents and Settings\Ricardo\.SunDownloadManager
2008-06-13 14:12 . 2008-06-13 15:16 <DIR> d-------- C:\Program Files\IGZones
2008-06-10 18:49 . 2008-06-13 09:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-10 18:49 . 2008-06-13 09:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-05-25 14:48 . 2008-05-25 14:48 <DIR> d-------- C:\Program Files\TMobile USA
2008-05-25 14:48 . 1997-10-20 06:01 27,136 --a------ C:\WINDOWS\system32\PPCLOAD.DLL
2008-05-20 11:26 . 2008-05-20 11:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-05-20 11:25 . 2008-05-20 11:25 <DIR> d-------- C:\Program Files\Dell Support Center
2008-05-20 11:25 . 2008-05-20 11:25 <DIR> d-------- C:\Program Files\Common Files\supportsoft
2008-05-20 11:17 . 2008-05-20 11:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Dell
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 16:39 --------- d-----w C:\Program Files\Java
2008-06-13 18:22 --------- d-----w C:\Program Files\Microsoft Games
2008-05-29 17:59 --------- d-----w C:\Program Files\The Cleaner Free
2008-05-25 18:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-15 22:51 5,376 ----a-w C:\WINDOWS\system32\drivers\MS1000.sys
2008-05-13 04:31 --------- d--h--w C:\Documents and Settings\Ricardo\Application Data\Gtek
2008-05-13 04:12 --------- d-----w C:\Program Files\DellSupport
2008-05-11 00:16 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-11 00:16 75,272 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-11 00:16 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-05-11 00:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-05-10 13:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 14:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-06 05:24 3,852 ----a-w C:\WINDOWS\system32\tmp.reg
2008-05-06 04:57 --------- d-----w C:\Program Files\CCleaner
2008-05-05 11:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Intel
2008-05-05 04:01 --------- d-----w C:\Program Files\Trend Micro
2008-05-05 03:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-03 20:03 --------- d-----w C:\Program Files\GameSpy Arcade
2008-05-03 16:55 --------- d-----w C:\Program Files\AVG
2008-05-03 16:53 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-03 16:34 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-05-03 16:34 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2008-05-03 16:34 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-04-30 05:07 61,224 ----a-w C:\Documents and Settings\Ricardo\GoToAssistDownloadHelper.exe
2008-04-30 05:07 --------- d-----w C:\Program Files\Citrix
2008-04-27 16:29 --------- d-----w C:\Program Files\Rhapsody
2008-04-24 12:10 86,528 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-04-23 11:08 --------- d-----w C:\Program Files\SanDisk
2008-04-23 11:08 --------- d-----w C:\Documents and Settings\Ricardo\Application Data\InstallShield
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2006-05-03 09:06 163,328 --sha-r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\WINDOWS\system32\msfDX.dll
.
((((((((((((((((((((((((((((( snapshot_2008-06-18_ 8.08.07.84 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-18 11:50:18 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-20 16:35:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-14 11:01:02 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-06-13 13:10:50 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
- 2006-11-09 18:28:20 49,248 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-03-25 05:28:39 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2006-11-09 18:28:30 53,346 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-03-25 05:28:43 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2006-11-09 20:07:32 127,078 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-03-25 06:37:01 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="" []
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 13:39 1289000]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 13:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 13:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\Quickset.exe" [2006-08-03 19:51 1032192]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-11-16 02:05 127035]
"Updater"="C:\WINDOWS\system32\updater\explorer.exe" [2007-11-24 15:08 1478612]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 12:43 53248]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 09:23 202544]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-10 20:16 1177368]
"WatchDog"="C:\Program Files\mobile PhoneTools\WatchDog.exe" [2004-08-14 06:42 36864]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 02:01 110592]
"SansaDispatch"="C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe" [2007-10-22 12:52 75584]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [ ]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 15:59 385024]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 17:22 3739648]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 22:05 344064]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2005-10-07 15:13 176128]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2008-01-11 22:16:38 39792]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2007-05-11 00:29:22 738968]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-01-10 00:31:21 671744]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 08:05:56 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll 2008-04-30 01:07 10536 C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 17:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"iPod Service"=3 (0x3)
"GoToAssist"=3 (0x3)
"aawservice"=2 (0x2)
"Creative Service for CDROM Access"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.EXE"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\IGZones\\IGZones.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"15384:TCP"= 15384:TCP:BitComet 15384 TCP
"15384:UDP"= 15384:UDP:BitComet 15384 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-10 20:16]
R1 fanio;FanIO driver;C:\WINDOWS\system32\drivers\fanio.sys [2007-02-16 05:05]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-10 20:16]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-10 20:16]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-10 20:16]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 13:32]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 09:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
S3 ATIXPGAA;ATIXPGAA;C:\dell\drivers\R74793\ATIXPGAA.SYS [2003-07-30 21:34]
S4 GoToAssist;GoToAssist;"C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe" Start=service []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a10416d0-e0e9-11dc-b329-0011436a9b5d}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-20 12:48:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-20 12:49:42
ComboFix-quarantined-files.txt 2008-06-20 16:49:16
ComboFix2.txt 2008-06-18 12:08:56
ComboFix3.txt 2008-05-07 05:33:33
Pre-Run: 6,653,861,888 bytes free
Post-Run: 6,653,964,288 bytes free
184 --- E O F --- 2008-06-20 06:32:41
Friday, June 20, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, June 20, 2008 16:40:59
Records in database: 879801
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
C:\
D:\
E:\
F:\
Scan statistics
Files scanned 76160
Threat name 0
Infected objects 0
Suspicious objects 0
Duration of the scan 01:18:08
No malware has been detected. The scan area is clean.
The selected area was scanned.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:40:50 PM, on 6/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\mobile PhoneTools\WatchDog.exe
C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Updater] C:\WINDOWS\system32\updater\explorer.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SansaDispatch] C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WLANKEEPER - IntelŽ Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 8703 bytes