Hi
fscali:
1. Multiple Antivirus Programs
Avast is now the only a/v program. The CF log still makes reference to MSSE, but that has been uninstalled along with Malwarebytes.
2. ComboFix - CFScript
LOG:
ComboFix 12-07-13.03 - fred 07/14/2012 6:08.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1490 [GMT -4:00]
Running from: c:\documents and settings\fred\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\fred\Desktop\cfscript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\PCDr\5907\Downloads\246b20c1-8ea9-4148-a34e-d03c8a1d5a76.dll
c:\windows\system32\drivers\etc\hosts.txt
.
.
((((((((((((((((((((((((( Files Created from 2012-06-14 to 2012-07-14 )))))))))))))))))))))))))))))))
.
.
2012-07-14 10:03 . 2012-07-14 10:03 -------- d-----w- c:\program files\Trend Micro
2012-07-12 22:22 . 2012-07-12 22:22 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-07-11 00:02 . 2012-07-11 00:02 -------- d-----w- c:\program files\CONEXANT
2012-07-08 20:48 . 2012-07-08 20:48 -------- d-----w- c:\documents and settings\fred\Application Data\Malwarebytes
2012-07-08 20:47 . 2012-07-08 20:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-07-08 16:33 . 2012-07-08 16:33 -------- d-----w- c:\documents and settings\fred\Application Data\Dell
2012-07-08 16:33 . 2012-07-08 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\PCDr
2012-07-08 16:32 . 2012-07-08 16:33 -------- d-----w- c:\program files\Dell Support Center
2012-07-08 16:09 . 2012-07-08 16:09 -------- d-----w- c:\documents and settings\fred\Application Data\PCDr
2012-07-07 13:09 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-07 13:09 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-07 13:09 . 2012-07-03 16:21 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-07-07 13:09 . 2012-07-03 16:21 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-07 13:09 . 2012-07-03 16:21 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-07-07 13:09 . 2012-07-03 16:21 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-07-07 13:09 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-07 13:09 . 2012-07-03 16:21 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-07-07 13:09 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-07-07 13:09 . 2012-07-03 16:21 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-07 13:08 . 2012-07-07 13:08 -------- d-----w- c:\program files\AVAST Software
2012-07-07 13:08 . 2012-07-07 13:08 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-07-01 22:28 . 2012-07-01 22:28 -------- d-----w- c:\program files\CPUID
2012-07-01 22:28 . 2011-09-21 14:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2012-07-01 15:25 . 2012-07-01 15:25 -------- d-----w- c:\program files\NirSoft
2012-07-01 15:13 . 2012-07-01 15:14 -------- d-----w- c:\program files\Support Tools
2012-06-30 18:07 . 2012-06-30 18:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2012-06-30 02:21 . 2012-06-05 07:37 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-06-21 14:13 . 2012-06-21 14:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search
2012-06-21 12:32 . 2012-06-21 12:32 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 23:28 . 2012-04-06 18:40 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-11 23:28 . 2011-05-30 21:35 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:19 . 2005-08-16 08:18 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2007-05-15 19:43 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2005-08-16 08:18 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 21:35 . 2005-05-26 08:19 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32 . 2005-08-16 08:18 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2007-05-31 19:26 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2007-05-31 19:26 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2005-08-16 08:40 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2005-08-16 08:40 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2005-08-16 08:40 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2007-05-31 19:26 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2005-08-16 08:40 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2005-08-16 08:40 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 19:19 . 2005-08-16 08:18 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2005-05-26 08:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2007-05-31 19:26 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2005-08-16 08:40 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2005-08-16 08:40 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2007-06-01 14:57 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 19:18 . 2006-10-21 15:46 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-05-31 13:22 . 2005-08-16 08:18 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08 . 2005-08-16 08:18 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:42 . 2005-08-16 08:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42 . 2005-08-16 08:18 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2005-08-16 08:18 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:16 . 2005-08-16 08:18 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2004-08-04 02:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2005-08-16 08:37 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-19 00:56 . 2012-04-19 00:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 00:56 . 2012-04-19 00:56 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-07-01 21:36 . 2012-07-01 21:36 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-11_11.39.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-14 10:18 . 2012-07-14 10:18 16384 c:\windows\temp\Perflib_Perfdata_500.dat
+ 2012-07-13 05:21 . 2012-07-13 05:21 22016 c:\windows\Installer\172bc29.msi
+ 2012-07-11 23:28 . 2012-07-11 23:28 686280 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_Plugin.exe
+ 2012-07-11 22:28 . 2012-07-11 22:28 686280 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
+ 2012-07-11 22:28 . 2012-07-11 22:28 465096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.dll
+ 2012-04-06 18:40 . 2012-07-11 23:28 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-04-06 18:40 . 2012-06-29 23:29 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-07-11 23:28 . 2012-07-11 23:28 9465032 c:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-14 68856]
"Olympus ib"="c:\program files\Olympus\ib\olycamdetect.exe" [2010-09-30 93360]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-12-04 176128]
"VX3000"="c:\windows\vVX3000.exe" [2009-06-26 757248]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-03-28 622592]
"SetDefPrt"="c:\program files\Brother\Brmfl06a\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-04-10 61440]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-21 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-21 86016]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-07-21 81920]
"HPHUPD05"="c:\program files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe" [2005-07-08 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2003-12-05 49152]
"HPHmon05"="c:\windows\system32\hphmon05.exe" [2005-07-08 491520]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2010-07-01 220336]
"Olympus ib"="c:\program files\Olympus\ib\olycamdetect.exe" [2010-09-30 93360]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 400936]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-19 421888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-14 68856]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 130600]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ackpbsc]
2009-06-03 21:14 113152 ----a-w- c:\program files\ActivIdentity\ActivClient\ackpbsc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\acunlock]
2009-06-03 21:13 299520 ----a-w- c:\program files\ActivIdentity\ActivClient\acunlock.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect\\LeapFrogConnect.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\fred\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:*:Disabled:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:*:Disabled:Peer Name Resolution Protocol (PNRP)
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 sonypvl2;sonypvl2;c:\windows\system32\drivers\sonypvl2.sys [11/4/2006 5:47 PM 19478]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7/7/2012 9:09 AM 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7/7/2012 9:09 AM 353688]
R1 sonypvf2;sonypvf2;c:\windows\system32\drivers\sonypvf2.sys [11/4/2006 5:47 PM 634798]
R1 sonypvt2;sonypvt2;c:\windows\system32\drivers\sonypvt2.sys [11/4/2006 5:47 PM 430670]
R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [6/3/2009 5:16 PM 207400]
R2 acautoupdate;ActivClient Auto-Update Service;c:\program files\ActivIdentity\ActivClient\acautoup.exe [6/3/2009 5:16 PM 51240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/7/2012 9:09 AM 21256]
R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [8/16/2005 4:18 AM 14336]
R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [11/7/2006 4:35 AM 59776]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 sonypvd2;sonypvd2;c:\windows\system32\drivers\sonypvd2.sys [11/4/2006 5:47 PM 64093]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 8:07 AM 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/6/2012 2:40 PM 250056]
S3 cirrus;cirrus;c:\windows\system32\drivers\cirrus.sys [2/11/2009 9:17 PM 45696]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/10/2009 8:07 AM 133104]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\drivers\btblan.sys [1/6/2012 12:47 PM 33792]
S3 LGDDCDevice;LGDDCDevice;c:\program files\LG Soft India\forteManager\bin\I2CDriver.sys [4/24/2010 9:31 AM 14336]
S3 LGII2CDevice;LGII2CDevice;c:\program files\LG Soft India\forteManager\bin\PII2CDriver.sys [4/24/2010 9:31 AM 13312]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [7/12/2012 6:22 PM 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [7/1/2012 5:36 PM 129976]
S3 Normandy;Normandy SR2; [x]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [1/1/2011 7:11 PM 21648]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\Dell Support Center\pcdsrvc.pkms [4/10/2012 2:51 PM 21744]
S3 SCR131C;SCRx31 Serial Smart Card Reader;c:\windows\system32\drivers\SCR131C.sys [11/7/2002 5:04 AM 181875]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;c:\windows\system32\drivers\SCR33X2K.sys [4/6/2004 5:24 AM 64088]
S3 SCR3xx USB Smart Card Reader;SCR3xx USB Smart Card Reader;c:\windows\system32\drivers\SCR3XX2K.sys [11/7/2006 4:35 AM 59776]
S3 SNXPCARD;SNXPCARD;c:\windows\system32\drivers\snxpcard.sys [11/9/2006 10:14 AM 23040]
S3 SNXPPALX;SNXPPALX;c:\windows\system32\drivers\snxppalx.sys [11/9/2006 10:14 AM 76800]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 23:28]
.
2012-06-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2012-07-14 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-07 16:21]
.
2012-07-13 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-01 02:46]
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 12:06]
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-10 12:06]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1664530028-17251024-895595264-1006Core.job
- c:\documents and settings\fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-18 20:23]
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1664530028-17251024-895595264-1006UA.job
- c:\documents and settings\fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-18 20:23]
.
2012-07-14 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe [2009-09-26 04:55]
.
2012-07-08 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-05-22 02:12]
.
2012-06-19 c:\windows\Tasks\scali incremental.job
- c:\windows\system32\ntbackup.exe [2005-08-16 00:12]
.
2012-06-18 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2006-10-20 19:31]
.
2012-06-18 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SDUpdate.exe [2008-02-13 19:31]
.
2012-07-14 c:\windows\Tasks\User_Feed_Synchronization-{260475ED-8C3E-4671-A806-0E5FA98D893F}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig?tab=mw&hl=en&source=iglk
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: aa.com
Trusted Zone: ancestry.com\www
Trusted Zone: army.mil
Trusted Zone: citimortgage.com\www
Trusted Zone: dau.mil
Trusted Zone: disa.mil
Trusted Zone: dsw.com\www
Trusted Zone: google.com\mail
Trusted Zone: keysenergy.com\www
Trusted Zone: mymonthlycycles.com\www
Trusted Zone: navyfcu.org
Trusted Zone: noaa.gov
Trusted Zone: osd.mil
Trusted Zone: paypal.com\www
Trusted Zone: southcom.mil
Trusted Zone: southcom.mil\owa.jiatfs
Trusted Zone: ugov.gov
Trusted Zone: usmc.mil
TCP: DhcpNameServer = 205.152.144.23 205.152.132.23
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {16F67783-7E72-4C39-99C4-4780A8335484} - hxxp://www.syncmyride.com/Own/Modules/UpdateCenter/applets/sync.cab
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} - hxxps://www.icloud.com/system/iCloud.cab
FF - ProfilePath - c:\documents and settings\fred\Application Data\Mozilla\Firefox\Profiles\lu62k214.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-14 06:19
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(884)
c:\program files\ActivIdentity\ActivClient\ackpbsc.dll
c:\program files\ActivIdentity\ActivClient\aclog.dll
c:\program files\ActivIdentity\ActivClient\accrypto.dll
c:\program files\ActivIdentity\ActivClient\ACLIBEAY.dll
c:\program files\ActivIdentity\ActivClient\acevtsub.dll
c:\program files\ActivIdentity\ActivClient\asphat32.dll
c:\program files\ActivIdentity\ActivClient\acerrmes.dll
c:\program files\ActivIdentity\ActivClient\aiwinext.dll
c:\program files\ActivIdentity\ActivClient\aspcom.dll
c:\program files\ActivIdentity\ActivClient\Resources\acerrmrc.dll
c:\program files\ActivIdentity\ActivClient\Resources\asphatrc.dll
c:\program files\ActivIdentity\ActivClient\acunlock.dll
c:\program files\ActivIdentity\ActivClient\aipingui.dll
c:\program files\ActivIdentity\ActivClient\aicext.dll
c:\program files\ActivIdentity\ActivClient\Resources\aipinguirc.dll
c:\program files\ActivIdentity\ActivClient\resources\acCobAPIrc.dll
c:\program files\ActivIdentity\ActivClient\resources\acCobAPIlrc.dll
c:\program files\ActivIdentity\ActivClient\Resources\acunlockrc.dll
.
- - - - - - - > 'explorer.exe'(3604)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\dllhost.exe
c:\windows\stsystra.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\wscntfy.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\windows\system32\HPZipm12.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2012-07-14 06:25:51 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-14 10:25
ComboFix2.txt 2012-07-11 11:45
.
Pre-Run: 43,900,420,096 bytes free
Post-Run: 43,827,171,328 bytes free
.
- - End Of File - - 0527534473632328EE0EA1C627ADFDDE
3. Download HijackThis
LOG:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:36:37 AM, on 7/14/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\Program Files\ActivIdentity\ActivClient\acautoup.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=4061016
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Global Startup: ActivClient Agent.lnk = C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Add to Wish List - {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files\Amazon\Add to Wish List IE Extension\run.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.aa.com
O15 - Trusted Zone: http://www.ancestry.com
O15 - Trusted Zone: *.army.mil
O15 - Trusted Zone: *.dau.mil
O15 - Trusted Zone: *.disa.mil
O15 - Trusted Zone: http://www.dsw.com
O15 - Trusted Zone: http://www.keysenergy.com
O15 - Trusted Zone: http://www.mymonthlycycles.com
O15 - Trusted Zone: *.navyfcu.org
O15 - Trusted Zone: *.noaa.gov
O15 - Trusted Zone: *.osd.mil
O15 - Trusted Zone: *.southcom.mil
O15 - Trusted Zone: *.ugov.gov
O15 - Trusted Zone: *.usmc.mil
O15 - Trusted IP range: 192.168.0.254
O15 - Trusted IP range: http://192.168.1.1
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/...nAxControl.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://echat.bellsouth.net/sdccommon...ad/tgctlcm.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} -
O16 - DPF: {16F67783-7E72-4C39-99C4-4780A8335484} (SyncXfer Class) - http://www.syncmyride.com/Own/Module...plets/sync.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/...lMgr_v01_4.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase6770.cab
O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} (Launcher Class) - http://www.dell.com/support/troubles.../Ode/pcd86.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1341157801052
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://192.168.0.32/activex/AMC.cab
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/C...CamControl.ocx
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://www.fujifilm.net/upload/FujifilmUploadClient.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/...osticsxp2k.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofil...SystemLite.CAB
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} (Java Plug-in 1.6.0_29) -
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/dev...e/AxLoader.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: ackpbsc - C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll
O20 - Winlogon Notify: acunlock - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: ActivClient Auto-Update Service (acautoupdate) - ActivIdentity - C:\Program Files\ActivIdentity\ActivClient\acautoup.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 15533 bytes