-
Okay - here's combofix.txt and hjt log, as you requested.
ComboFix 08-01-15.4 - SHIRLEY WILLIAMS 2008-01-15 14:54:50.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.92 [GMT -6:00]
Running from: C:\Documents and Settings\SHIRLEY WILLIAMS\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\SHIRLEY WILLIAMS\Application Data\install.dat
C:\Program Files\Common Files\mcroso~1
C:\Program Files\mcroso~1
C:\Program Files\MSN Gaming Zone\lavu.dll
C:\Program Files\MSN Gaming Zone\lavu441.dll
C:\Program Files\MSN Gaming Zone\profsy.html
C:\Program Files\WinBudget
C:\Program Files\WinBudget\bin\crap.1187063402.old
C:\Program Files\WinBudget\bin\crapmatrix.dllcrap
C:\Program Files\Windows Media Player\hokesotu4444.dll
C:\Program Files\Windows Media Player\hokesotu83122.dll
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\bkR11
C:\Temp\bkR11\ftCa.log
C:\WINDOWS\horrible\tvyxx.ini
C:\WINDOWS\horrible\tvyxx.ini2
C:\WINDOWS\system32\aimsmx.dll
C:\WINDOWS\system32\aosmx.dll
C:\WINDOWS\system32\cavnfmkr.dll
C:\WINDOWS\system32\cbxyyww.dll
C:\WINDOWS\system32\dcuwemai.dll
C:\WINDOWS\system32\drivers\fad.sys
C:\WINDOWS\system32\gobptxco.dll
C:\WINDOWS\system32\gtalsmx.dll
C:\WINDOWS\system32\info.txt
C:\WINDOWS\system32\ipv6monk.dll
C:\WINDOWS\system32\mssdvoql.exe
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pfxzmtaim.dll
C:\WINDOWS\system32\pfxzmtforum.dll
C:\WINDOWS\system32\pfxzmtgtal.dll
C:\WINDOWS\system32\pfxzmticq.dll
C:\WINDOWS\system32\pfxzmtsmt.dll
C:\WINDOWS\system32\pfxzmtsmtspm.dll
C:\WINDOWS\system32\pfxzmtwbmail.dll
C:\WINDOWS\system32\pfxzmtymsg.dll
C:\WINDOWS\SYSTEM32\rkmfnvac.ini
C:\WINDOWS\system32\rsvp32_2.dll
C:\WINDOWS\system32\rsvp32_2.dll3f2tjw
C:\WINDOWS\system32\rsvp32_2.dllewfwe334f
C:\WINDOWS\system32\rsvp32_2.dllewfweff
C:\WINDOWS\system32\sfxzmtforum.dll
C:\WINDOWS\system32\sfxzmtsmt.dll
C:\WINDOWS\system32\sfxzmtsmtspm.dll
C:\WINDOWS\system32\sfxzmtwbmail.dll
C:\WINDOWS\SYSTEM32\tvyxx.ini
C:\WINDOWS\SYSTEM32\tvyxx.ini2
C:\WINDOWS\system32\xxyvt.dll
C:\WINDOWS\system32\ymsgsmx.dll
C:\WINDOWS\tk58.exe
C:\WINDOWS\TTC-4444.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_CMDSERVICE
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_FAD
-------\LEGACY_NETWORK_MONITOR
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-12-15 to 2008-01-15 )))))))))))))))))))))))))))))))
.
2008-01-15 14:52 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-15 14:17 . 2008-01-15 14:17 15,663 --a------ C:\WINDOWS\BMa345ea2a.xml
2008-01-15 14:17 . 2008-01-15 14:17 22 --a------ C:\WINDOWS\pskt.ini
2008-01-15 13:01 . 2008-01-15 13:01 10,949 --a------ C:\deck.zip
2008-01-15 12:30 . 2008-01-15 12:30 <DIR> d-------- C:\Deckard
2008-01-11 16:19 . 2008-01-11 16:19 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-01-11 16:19 . 2008-01-11 16:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-11 13:10 . 2008-01-15 12:18 2,184 --a------ C:\WINDOWS\SYSTEM32\wpa.dbl
2008-01-11 12:26 . 2008-01-15 14:58 <DIR> d-------- C:\WINDOWS\horrible
2008-01-11 12:14 . 2005-05-28 06:33 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Gtek
2008-01-04 18:18 . 2008-01-15 12:33 <DIR> d-------- C:\WINDOWS\SYSTEM32\CatRoot2
2008-01-04 18:18 . 2008-01-15 12:33 <DIR> d-------- C:\WINDOWS\SYSTEM32\CatRoot
2008-01-03 13:41 . 2008-01-03 13:41 <DIR> d-------- C:\Documents and Settings\SHIRLEY WILLIAMS\windowscrap
2007-12-17 17:45 . 2007-12-17 17:46 <DIR> d-------- C:\Program Files\WinPcap
2007-12-17 16:31 . 2007-12-17 17:46 <DIR> d-------- C:\Program Files\Wireshark
2007-12-16 14:31 . 2007-12-16 14:31 <DIR> d-------- C:\Program Files\Enigma Software Group
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-15 18:18 --------- d-----w C:\Program Files\LogMeIn
2007-12-16 21:51 --------- d-----w C:\Documents and Settings\SHIRLEY WILLIAMS\Application Data\AVG7
2007-12-16 20:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-07 17:55 --------- d-----w C:\Program Files\Apophysis 2.0
2007-12-03 21:23 --------- d-----w C:\Program Files\DBF Viewer 2000
2007-02-28 00:09 47,992 ----a-w C:\Documents and Settings\SHIRLEY WILLIAMS\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02012421-489E-444E-BE90-5334553E729B}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{093725DF-43BD-4D73-BFC3-015648EBC06F}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18034704-9EFB-4839-9959-565B4FADE80D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{297B7695-14FC-4F79-B9CD-372FA4E50E1E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3cba2671-44ea-4f46-8418-6ee56620909d}]
C:\WINDOWS\System32\nvpqsmo.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89F5EC1A-C524-4D56-A67F-0A3FB5C8CF54}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8A505F7C-4637-4C91-92C0-8CDABC4908AD}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AEBF6926-DBA6-4100-A838-1CED0169AB78}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C84DE7AC-2968-79EC-1486-00E2970227EA}]
C:\WINDOWS\System32\mpum.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF50EE5C-27CC-4403-9E23-CE08E01482C9}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5EEA2B3-CFF1-45A4-858C-0FE06C5D2A35}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F00B9FB6-B92A-4328-82F9-85CE971ED9FA}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F74096E3-9F6E-4C7E-A5A3-F50B243B2D97}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2002-08-20 15:08 1511453]
"ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 05:00 13312]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"WebBuying"="C:\Program Files\Web Buying\v1.8.6\webbuying.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PrinTray"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe" [ ]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-06-30 19:56 188416]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-06-30 20:00 65536]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2003-12-01 10:38 892928]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 03:50 19968 C:\WINDOWS\LOGI_MWX.EXE]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 13:03 63048]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [ ]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2002-08-29 05:00 145408]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2005-06-25 21:47 74286]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-08-01 19:52:17]
WG111v2 Smart Wizard Wireless Setting.lnk - C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe [2007-10-10 09:07:40]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-11-27 14:27 87352 C:\WINDOWS\SYSTEM32\LMIinit.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 02:06 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
--a------ 2005-06-25 21:46 343599 C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_EMC]
--a------ 2005-06-25 21:46 228404 C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCMSMMSG]
--a------ 2003-02-24 18:34 122880 C:\WINDOWS\BCMSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2002-08-29 05:00 13312 C:\WINDOWS\System32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
C:\Program Files\Dell Support\DSAgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry]
--a------ 2002-07-17 10:18 28672 C:\WINDOWS\System32\DSentry.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2003-01-24 08:05 114688 C:\WINDOWS\System32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2003-01-24 08:17 155648 C:\WINDOWS\System32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\bak\qttask.exe
R2 EAPPkt;Realtek EAPPkt Protocol;C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [2005-04-01 10:43]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-04-17 13:00]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2007-04-05 10:55]
R2 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\System32\drivers\npf.sys [2007-06-28 18:01]
R3 {5C8B2B62-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-A;C:\WINDOWS\System32\drivers\A311.sys [2003-02-04 22:04]
R3 {5C8B2B65-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-B;C:\WINDOWS\System32\drivers\A310.sys [2003-02-04 22:04]
S2 BulkUsb;Genesys Logic USB Scanner Controller NT 5.0;C:\WINDOWS\System32\Drivers\usbscan.sys [2002-08-29 01:48]
S3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\System32\drivers\lccfltr.sys [2003-11-07 03:50]
S3 LSWPCv4;Wireless-B Notebook Adapter Driver;C:\WINDOWS\System32\DRIVERS\rtl8180.sys [2003-09-30 20:54]
S3 Ndisusb;GeneLink Network Driver;C:\WINDOWS\System32\DRIVERS\genelan.sys []
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;C:\WINDOWS\System32\NSNDIS5.SYS [2004-03-23 20:12]
S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\System32\DRIVERS\CamDrL21.sys [2002-12-10 04:53]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\System32\DRIVERS\wg111v2.sys [2006-03-27 16:53]
S3 USBHSB;GeneLink USB Driver;C:\WINDOWS\System32\Drivers\glkusb.sys [2001-07-10 02:05]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 15:10:11
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-15 15:12:56 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-15 21:12:38
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:21:19 PM, on 1/15/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\LVComS.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://co.brewster.tx.us/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3cba2671-44ea-4f46-8418-6ee56620909d} - C:\WINDOWS\System32\nvpqsmo.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {C84DE7AC-2968-79EC-1486-00E2970227EA} - C:\WINDOWS\System32\mpum.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - (no file)
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: &Search - ?p=ZCxdm565YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O15 - Trusted Zone: *.amaena.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {AA299E98-6FB5-409F-99D3-D30D749F4864} (kasRmtHlp Class) - http://kaseya.hardintech.com/inc/kaxRemote.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C4A43124-5643-4FFD-9FBF-74BB08C30948}: NameServer = 68.94.156.1,68.94.157.1
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
--
End of file - 6512 bytes
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
