First off thank you, next:
CCleaner Log:
911 - First Responders
Adobe Color Common Settings
Adobe ExtendScript Toolkit 2
Adobe Flash Player ActiveX
Adobe Photoshop CS3
Adobe Reader 7.0.8
Adobe Shockwave Player
Age of Empires III
Age of Empires III - The Asian Dynasties
Age of Empires III - The WarChiefs
AGEIA PhysX Processor Driver
AGEIA PhysX v7.05.05
Alcohol 120% (Trial Version)
Apple Mobile Device Support
Apple Software Update
arniWORX awxDTools - Daemon-Tools ShellExtension - 1.0.6.0
Ask Toolbar
AviSynth 2.5
Azureus
BitTorrent 3.4.2
BoliGego Codec Manager 1.0.4.2
Cain & Abel v4.9.6
CCleaner (remove only)
Chocolatier
Collab
Combined Community Codec Pack 2006-05-01 (Remove Only)
Cradle Of Rome
Creative Audio Console
Creative AudioHQ
Creative Diagnostics
Creative DVD Audio Plugin for Audigy Series
Creative Graphic Equalizer
Creative MediaSource
Creative MediaSource DVD-Audio Player
Creative MiniDisc Center
Creative Speaker Settings
Creative Surround Mixer
CrypTool 1.4.10
CUE Splitter
Data Lifeguard Tools
Dawn of War - Dark Crusade
Dell ResourceCD
Deus Ex
DivX Web Player
Doom 3
DOSShell 1.4
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVD to iPod Converter
EAX Unified
eMule
EVGA Display Driver
Exact Audio Copy 0.99pb3
Exteel
Final Draft 7
Freight Tycoon
FrostWire 4.13.5
GameTap
GetRight
Google Earth
Google Gmail Notifier
GrabIt 1.6.0 Beta (build 928)
Har-Bal v2.0
HijackThis 2.0.2
Hospital Tycoon
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
hp print screen utility
hp psc 700 series
IGN Download Manager 2.3.2
Image Resizer Powertoy for Windows XP
ImgBurn (Remove Only)
ImTOO DVD to iPod Converter
Inline Search v1.3 for Internet Explorer (remove only)
Intel(R) PRO Network Adapters and Drivers
InterActual Player
Internet Download Accelerator version 5.5
InterVideo WinDVD 6
iolo technologies' System Mechanic Professional 6
iPod for Windows 2005-11-17
iPod for Windows 2006-03-23
iPod for Windows 2006-06-28
iTunes
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 7
Japanese Language Support
Java 2 Runtime Environment, SE v1.4.2_09
Kaspersky Internet Security 6.0
KSignAccessToolkit v1.0
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Magic ISO Maker v5.4 (build 0251)
MagicDisc 2.5.79
MD Simple Burner 2.0.01
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Game Studios Common Redistributables Pack 1
Microsoft IntelliPoint 5.2
Microsoft IntelliType Pro 5.2
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1
Microsoft Office Enterprise 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C# 2005 Express Edition - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Microsoft Windows Media Video 9 VCM
Microsoft Works 2003 Setup Launcher
Microsoft Works 7.0
Microsoft Works Suite Add-in for Microsoft Word
Microsoft XML Parser
Mids' Hero Designer
MixMeister Pro 6
Mozilla Firefox (2.0.0.14)
MSI v2 to redistribute Rigs of Rods
MSN Toolbar
MSXML 4.0
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
MSXML4 Parser
NDS GBM GBA Movie Player(M3) Converter Crystal Ver1.21
Neighbors From Hell: On Vacation
Nero 6 Ultra Edition
Nikon View 6
NVIDIA Drivers
NVIDIA nTune
OneNote Key 8.1 Demo
OpenMG Limited Patch 4.2-05-07-27-01
OpenMG Secure Module 4.2.00
Opera 9.26
Passware Kit Enterprise 8.0
PeerGuardian 2.0
Picasa 2
PlayNC Launcher
PowerArchiver 2007
PowerISO
Prison Tycoon 3
QuickPar 0.9
QuickTime
RealMedia (remove only)
RGSS-RTP Standard
Rigs of Rods 0.34
Rock Tour
RPGXP
RTP for RM2K (Png, Wav, Midi, Fonts)
Search Enhancer
Sinking Island
Sonic Foundry Sound Forge 6.0e
Sony DVD Architect 3.0c
Sony Media Manager 2.0
Sony Vegas 6.0c
Sound Blaster Audigy 2 ZS
SoundFont Bank Manager
Speech
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
Stellarium 0.9.0
StumbleUpon IE Toolbar
System Requirements Lab
The Lord of the Rings Online™: Shadows of Angmar™ v01.07.00.811
THX Setup Console
TrueCrypt
TuneUp Utilities 2008
UHS Reader (Version 5.21)
Upshift StrikeRacer
VERITAS RecordNow DX
Videora iPod touch Converter 3.07
Virtools 3D Life Player
Warcraft III: All Products
WaveGenix Deluxe Mastering Suite v5.1.0.1
WebCracker 4.0
Winamp (remove only)
WinBoost 4.62
Windows Driver Package - Microsoft WPD (12/01/2006 1.2.0.0)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live OneCare safety scanner
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Tools 4.1
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
Windows Vista Upgrade Advisor
WinPcap 4.0.1
WinRAR archiver
WinSCP 4.0.4
WoWscape Server Browser
Writer's Café 1.20
Zombie Shooter
Zoom Player (remove only)
Zune
ComboFix Log:
ComboFix 08-06-05.3 - Will 2008-06-07 19:52:59.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.570 [GMT -6:00]
Running from: H:\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\pskt.ini
.
---- Previous Run -------
.
C:\autorun.inf
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\Will\Application Data\macromedia\Flash Player\#SharedObjects\TYBRE4G2\www.broadcaster.com
C:\Documents and Settings\Will\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Program Files\Common Files\smante~1
C:\Program Files\pppatc~1
C:\Program Files\pppatc~1\?ppPatch\
C:\WINDOWS\BM9331ca3d.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\EgOoonpo.ini
C:\WINDOWS\system32\EgOoonpo.ini2
C:\WINDOWS\system32\ehknqtwa.ini
C:\WINDOWS\system32\ehknqtwa.ini2
C:\WINDOWS\system32\hgGvvvSj.dll
C:\WINDOWS\system32\jhxvcypf.exe
C:\WINDOWS\system32\kdcnmwms.ini
C:\WINDOWS\system32\MagicV2mEngine.dll
C:\WINDOWS\system32\msgsdxnj.ini
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\oitrnnyn.exe
C:\WINDOWS\system32\poVEdMoq.ini
C:\WINDOWS\system32\poVEdMoq.ini2
C:\WINDOWS\system32\uymvkynm.ini
C:\WINDOWS\system32\vdonputv.ini
C:\WINDOWS\system32\wnsapisv.exe
C:\WINDOWS\system32\wvUlkHyA.dll
.
((((((((((((((((((((((((( Files Created from 2008-05-08 to 2008-06-08 )))))))))))))))))))))))))))))))
.
2008-06-07 19:46 . 2008-06-07 19:49 354 ---hs---- C:\WINDOWS\system32\vdonputv.ini
2008-06-07 19:45 . 2008-06-07 19:45 0 --a------ C:\WINDOWS\BM9331ca3d.xml
2008-06-07 18:56 . 2008-06-07 18:56 <DIR> d-------- C:\Program Files\CCleaner
2008-06-05 15:24 . 2008-06-05 15:24 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-05 15:01 . 2008-06-05 15:01 117,248 --a------ C:\WINDOWS\system32\smwmncdk.dll
2008-06-05 14:55 . 2008-06-05 14:55 133,120 --a------ C:\WINDOWS\system32\ohiqwopi.dll
2008-06-05 14:47 . 2008-06-05 14:47 126,976 --a------ C:\WINDOWS\system32\htxreidx.dll
2008-06-04 14:02 . 2008-06-04 14:02 <DIR> d-------- C:\Documents and Settings\Will\Application Data\Turbine
2008-06-04 13:07 . 2008-06-04 13:05 691,545 --a------ C:\WINDOWS\unins000.exe
2008-06-04 13:07 . 2008-06-04 13:07 2,544 --a------ C:\WINDOWS\unins000.dat
2008-06-04 12:59 . 2008-06-04 12:59 <DIR> d-------- C:\Program Files\Turbine
2008-06-04 11:22 . 2008-06-04 11:22 <DIR> d-------- C:\Program Files\NVIDIA Corporation
2008-06-04 11:21 . 2008-06-04 11:21 <DIR> d-------- C:\Program Files\NVIDIA nTune Performance Application
2008-06-04 10:39 . 2008-06-04 10:39 132,608 --a------ C:\WINDOWS\system32\impssxey.dll
2008-06-04 10:36 . 2008-06-04 10:36 116,736 --a------ C:\WINDOWS\system32\vtupnodv.dll
2008-06-04 10:34 . 2008-06-04 10:34 0 --a------ C:\WINDOWS\system32\umarcrej.dll
2008-06-04 10:34 . 2008-06-04 10:34 0 --a------ C:\WINDOWS\system32\bksvjrgr.exe
2008-06-04 04:43 . 2008-06-04 04:43 116,736 --a------ C:\WINDOWS\system32\mnykvmyu.dll
2008-06-04 04:40 . 2008-06-04 04:40 132,608 --a------ C:\WINDOWS\system32\eeisgouf.dll
2008-06-04 04:31 . 2008-06-04 04:31 126,976 --a------ C:\WINDOWS\system32\kmvjilvi.dll
2008-06-03 17:16 . 2008-06-03 17:16 331 --a------ C:\WINDOWS\doom3.ini
2008-06-03 16:34 . 2008-06-03 16:34 31,744 --a------ C:\WINDOWS\system32\winrkp32.dll
2008-06-03 16:09 . 2008-06-03 16:09 <DIR> d-------- C:\Program Files\arniWORX
2008-06-03 15:43 . 2008-06-03 17:15 <DIR> d-------- C:\Program Files\Doom 3
2008-05-28 16:14 . 2008-05-28 16:14 <DIR> d-------- C:\Program Files\Zombie Shooter
2008-05-11 15:36 . 2008-05-11 15:55 139,264 --a------ C:\WINDOWS\War3Unin.exe
2008-05-11 15:36 . 2008-05-19 17:51 75,791 --a------ C:\WINDOWS\War3Unin.dat
2008-05-11 15:36 . 2008-05-11 15:55 2,829 --a------ C:\WINDOWS\War3Unin.pif
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-08 01:30 928,928 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-08 01:30 69,112,096 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-08 01:30 208,460 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-08 01:30 2,211,872 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-08 00:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-08 00:58 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-07 10:01 --------- d-----w C:\Documents and Settings\Will\Application Data\StumbleUpon
2008-06-04 18:59 --------- d-----w C:\Documents and Settings\Will\Application Data\GetRightToGo
2008-06-04 17:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-04 16:40 --------- d-----w C:\Program Files\Activision Value
2008-06-04 02:23 --------- d-----w C:\Documents and Settings\Will\Application Data\Azureus
2008-06-04 02:19 --------- d-----w C:\Program Files\Zoom Player
2008-06-04 00:59 --------- d-----w C:\Program Files\PowerArchiver
2008-06-03 22:28 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-06-03 22:09 --------- d-----w C:\Program Files\DAEMON Tools
2008-06-02 18:42 --------- d-----w C:\Program Files\Azureus
2008-05-29 00:13 --------- d-----w C:\Program Files\Warcraft III
2008-05-23 18:37 --------- d-----w C:\Program Files\Rigs of Rods 0.34
2008-05-21 09:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-13 09:56 --------- d-----w C:\Program Files\PeerGuardian2
2008-05-08 02:57 --------- d-----w C:\Program Files\GPotato
2008-04-29 00:03 --------- d-----w C:\Program Files\FrostWire
2008-04-26 15:29 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-04-26 01:03 --------- d-----w C:\Documents and Settings\Will\Application Data\FrostWire
2008-04-26 00:29 --------- d-----w C:\Program Files\LimeWire
2008-04-26 00:29 --------- d-----w C:\Program Files\AskSBar
2008-04-26 00:28 --------- d-----w C:\Program Files\Incomplete
2008-04-25 23:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2007-03-07 02:02 1,532,621 ----a-w C:\Documents and Settings\Will\Application Data\Install.dat
2007-01-18 23:18 46,104 ----a-w C:\Documents and Settings\Will\Application Data\GDIPFONTCACHEV1.DAT
2006-11-04 04:33 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2006-05-17 01:16 79,872 ----a-w C:\Documents and Settings\Will\Application Data\internaldb4827.dat
2006-05-16 13:42 327 ----a-w C:\Documents and Settings\Will\Application Data\internaldb1942.dat
2006-05-16 02:22 0 ----a-w C:\Documents and Settings\Will\Application Data\internaldb5436.dat
2006-05-16 02:22 0 ----a-w C:\Documents and Settings\Will\Application Data\internaldb4604.dat
2006-05-15 21:45 0 ----a-w C:\Documents and Settings\Will\Application Data\internaldb6786.dat
2006-05-15 21:45 0 ----a-w C:\Documents and Settings\Will\Application Data\internaldb153.dat
2006-05-13 19:31 0 ----a-w C:\Documents and Settings\Will\Application Data\internaldb2391.dat
2006-05-02 16:14 0 ----a-w C:\Documents and Settings\Will\Application Data\internaldb3902.dat
2006-02-14 23:28 26,958 ----a-w C:\Program Files\MovieLand Terms.html
2006-01-24 22:03 46,664 ----a-w C:\Documents and Settings\Mom & Dad\Application Data\GDIPFONTCACHEV1.DAT
2005-09-17 13:37 348 -c--a-w C:\Program Files\INSTALL.LOG
2005-08-07 17:53 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
2003-12-18 17:33 20,102 -c--a-w C:\Program Files\Readme.txt
2003-09-03 13:46 10,960 -c--a-w C:\Program Files\EULA.txt
2005-05-14 00:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2003-07-16 20:48 94,784 -csh--w C:\WINDOWS\twain.dll
2004-08-04 07:56 50,688 --sh--w C:\WINDOWS\twain_32.dll
2005-07-14 19:31 27,648 -csha-r C:\WINDOWS\system32\AVSredirect.dll
2006-01-09 02:18 104 -csha-r C:\WINDOWS\system32\BC917AF2FA.sys
2005-06-26 22:32 616,448 -csha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-22 05:37 45,568 -csha-r C:\WINDOWS\system32\cygz.dll
2004-01-25 07:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2007-12-18 01:09 3,766 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2004-08-04 07:56 54,784 --sha-w C:\WINDOWS\system32\msvcirt.dll
2007-12-04 18:38 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll
2004-08-04 07:56 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-04 07:56 11,776 --sha-w C:\WINDOWS\system32\regsvr32.exe
2005-02-28 20:16 240,128 -csha-r C:\WINDOWS\system32\x.264.exe
2004-01-25 07:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.
Code:
<pre>
----a-w 199,680 2005-11-15 19:29:22 C:\Documents and Settings\Will\Desktop\Will\Shit\ClearCut (media) .exe
</pre>
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-04-25 18:29 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL" [2008-04-25 18:29 267592]
[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Internet Download Accelerator"="C:\Program Files\IDA\ida.exe" [2007-10-24 18:09 2191872]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 19:25 81920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"SBDrvDet"="C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 19:06 45056]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 02:51 172032]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2004-06-03 02:50 204800]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 11:43 57344]
"CTHelper"="CTHELPER.EXE" [2006-08-11 14:56 17920 C:\WINDOWS\CTHELPER.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 11:56 286720]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"9002f9a1"="C:\WINDOWS\system32\vtupnodv.dll" [2008-06-04 10:36 116736]
"BM9331ca3d"="C:\WINDOWS\system32\htxreidx.dll" [2008-06-05 14:47 126976]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winrkp32]
winrkp32.dll 2008-06-03 16:34 31744 C:\WINDOWS\system32\winrkp32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"vidc.wmv3"= C:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll
"msacm.divxa32"= DivXa32.acm
"msacm.l3acm"= l3codecp.acm
"VIDC.WOX"= vct3216.dll
"VIDC.3IV2"= 3ivxVfWCodec.dll
"VIDC.AP41"= APmpg4v1.dll
"VIDC.div3"= DivXc32.dll
"VIDC.div4"= DivXc32f.dll
"VIDC.HFYU"= huffyuv.dll
"VIDC.MJPG"= M3JPEG32.DLL
"msacm.i263"= i263_32.drv
"vidc.OGG"= oggDS.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
"RemoteCenter"=C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
"System Mechanic Popup Blocker"="C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"nwiz"=nwiz.exe /install
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
"SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"Windows Media Connect 2"="C:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe
"ioloDelayModule"=C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE
"Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\PandaAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\PandaFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\BitTorrent\\btdownloadgui.exe"=
"C:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Documents and Settings\\Will\\Desktop\\Will\\utorrent.exe"=
"C:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Emulators\\Snes\\ZSnes\\zsnesw.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Cain\\Cain.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3y.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\Program Files\\Turbine\\The Lord of the Rings Online\\lotroclient.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16900:UDP"= 16900:UDP:CrashOnlineRecv
"16910:UDP"= 16910:UDP:CrashOnlineSend
R0 pe3ajbeb;L Ile Noyee Environment Driver (pe3ajbeb);C:\WINDOWS\system32\drivers\pe3ajbeb.sys [2007-08-22 10:31]
R0 ps7ajbeb;L Ile Noyee Synchronization Driver (ps7ajbeb);C:\WINDOWS\system32\drivers\ps7ajbeb.sys [2007-08-22 10:30]
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-04-07 09:21]
R2 gearsec;gearsec;C:\WINDOWS\system32\gearsec.exe [2003-12-01 15:27]
R2 PfDetNT;PfDetNT;C:\WINDOWS\system32\drivers\PfModNT.sys [2006-08-11 14:56]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 01:56]
S2 pr2ajbeb;L Ile Noyee Drivers Auto Removal (pr2ajbeb);C:\WINDOWS\system32\pr2ajbeb.exe svc []
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2007-06-28 18:01]
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-01-14 23:38]
S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 01:01]
S3 XDva020;XDva020;C:\WINDOWS\system32\XDva020.sys []
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - install.EXE id= ver=1.0.0.0
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3aeb8d07-8f11-11dc-991f-000cf1757f58}]
\Shell\AutoRun\command - K:\autorun.exe
\Shell\setup\command - K:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e6e9a10-0d07-11d9-b076-000cf1757f58}]
\Shell\AutoRun\command - F:\LaunchEAW.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f702b8-20bd-11da-8de1-000cf1757f58}]
\Shell\AutoRun\command - K:\OokMAG\OokMAG.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-06-07 10:04:33 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-06-07 02:28:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-08 00:55:54 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
"2008-06-07 16:37:15 C:\WINDOWS\Tasks\User_Feed_Synchronization-{F02295EB-65EE-496C-8750-C37B21BC539F}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-07 19:56:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\winrkp32.dll
.
Completion time: 2008-06-07 19:58:50
ComboFix-quarantined-files.txt 2008-06-08 01:58:13
Pre-Run: 1,333,915,648 bytes free
Post-Run: 1,306,730,496 bytes free
290 --- E O F --- 2008-06-08 01:51:12
New HijackThis Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:59:54 PM, on 6/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\IDA\ida.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\cmd.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: InlineSearchHandleHotKeys Class - {B6FFE2AE-4D12-451F-B457-FE6125FFB1CF} - C:\Program Files\IEForge\Inline Search\InlineSearch.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [9002f9a1] rundll32.exe "C:\WINDOWS\system32\vtupnodv.dll",b
O4 - HKLM\..\Run: [BM9331ca3d] Rundll32.exe "C:\WINDOWS\system32\htxreidx.dll",s
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O15 - Trusted Zone: *.nexopia.com
O15 - Trusted Zone: *.stumbleupon.com
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab50997.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/in...altpmtscab.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.2.100.cab
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} (OnagerCtrl Class) - http://fulfillment.puretracks.com/onager.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-CA/.../GAME_UNO1.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/game...lugin11USA.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driver...sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v6.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemp...ogin-devel.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab55762.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab55579.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
O16 - DPF: {CFD7D0F6-CCAF-4FFA-9D7F-CE9B65F562EC} (AppCaller Control) - http://bombndash.com/common/AppCaller.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../installer.exe
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/def...utLauncher.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://www.gamengame.com/KALogoutComponent.cab
O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://www.candystand.com/games/gtau...cheManager.CAB
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://zone.msn.com/bingame/hsol/def...ebLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/apop/def...ploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livewc01.custhelp.com/7560-b4.../java/RntX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15009/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0115D85-8D15-46B4-9111-1217B1CE4E43}: NameServer = 75.154.132.68,75.154.132.69
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: winrkp32 - C:\WINDOWS\SYSTEM32\winrkp32.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: L Ile Noyee Drivers Auto Removal (pr2ajbeb) (pr2ajbeb) - Micro Application - C:\WINDOWS\system32\pr2ajbeb.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 13806 bytes
I have virtumonde
