January 29th, 2008 17:00
Outerinfo problems!
Hi,
If anyone could please help I'd be so grateful as Outerinfo pop ups are driving me mad!
Many thanks in advance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:47, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Documents and Settings\Matt\Local Settings\Temp\{F06FD48A-A0E6-44F4-8456-45339B1584FD}\{49C090F0-4D03-4DD2-87BA-BF6AA53B9735}\AutoConnect.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\UBIQUIO Skype DECT\USBPhone4Skype.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\TWF0dA\command.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\mrofinu572.exe
C:\WINDOWS\system32\40424A4B4949484.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SCURIT~1\chkdsk.exe
C:\Program Files\Network Monitor\netmon.exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\Router\Router.exe
C:\Documents and Settings\Matt\Application Data\Microsoft\Windows\rayiou.exe
C:\Program Files\Words\Words.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\SMART Board Software\SMARTBoardService.exe
C:\Program Files\SMART Board Software\SMARTBoardTools.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\SMART Board Software\Aware.exe
C:\Program Files\SMART Board Software\Marker.exe
C:\Program Files\Common Files\SMART Technologies Inc\SMART Product Update\SmartProductUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\??sks\c?rss.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-inc&channel=uk
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [AutoConnect] "C:\Documents and Settings\Matt\Local Settings\Temp\{F06FD48A-A0E6-44F4-8456-45339B1584FD}\{49C090F0-4D03-4DD2-87BA-BF6AA53B9735}\AutoConnect.exe" BCMALL
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [USBPhone4Skype] C:\Program Files\UBIQUIO Skype DECT\USBPhone4Skype.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu572.exe 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKLM\..\Run: [01030B0C0A0A090B1] 40424A4B4949484.exe
O4 - HKLM\..\Run: [BM3f81555f] Rundll32.exe "C:\WINDOWS\system32\olbqtukp.dll",s
O4 - HKLM\..\Run: [3cb266c3] rundll32.exe "C:\WINDOWS\system32\flmsgixm.dll",b
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sen] "C:\WINDOWS\SCURIT~1\chkdsk.exe" -vt yazb
O4 - HKCU\..\Run: [Vcp] "C:\Program Files\??sks\c?rss.exe"
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\Matt\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [SfKg6w] C:\Documents and Settings\Matt\Application Data\Microsoft\Windows\rayiou.exe
O4 - HKCU\..\Run: [Words] C:\Program Files\Words\Words.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Board Software\SMARTBoardTools.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.bang-olufsen.com/InstallObjs/setup.exe
O16 - DPF: {556EEC63-31E2-47C3-BF29-DFF799D2FE04} (Remote Access ActiveX Client) - https://secure.logmein.com/activex/RACtrl.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader_uni.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TWF0dA\command.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: (Network Monitor) - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SMART Board Service - SMART Technologies Inc. - C:\Program Files\SMART Board Software\SMARTBoardService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O24 - Desktop Component 0: (no name) - http://upload.wikimedia.org/wikipedia/en/3/36/Watford.gif
O24 - Desktop Component 1: (no name) - http://www2.vebra.com/parkheath/rickmansworth/sales/ecimage0/dickinsonsquare1.jpg
--
End of file - 12551 bytes


1972vet
January 30th, 2008 02:00
iveco
January 31st, 2008 19:00
-------\LEGACY_CMDSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\Network Monitor
((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-30 )))))))))))))))))))))))))))))))
.
2008-01-27 19:35 . 2008-01-27 19:35
2008-01-27 19:35 . 2007-12-14 12:40 120,832 --a------ C:\WINDOWS\system32\40424A4B4949484.exe
2008-01-26 14:55 . 2008-01-26 14:55
2008-01-26 14:52 . 2008-01-26 14:52
2008-01-26 14:52 . 2008-01-26 14:52
2008-01-26 14:52 . 2008-01-26 14:52
2008-01-22 19:29 . 2008-01-22 19:29 68,160 --a------ C:\WINDOWS\system32\olbqtukp.dll
2008-01-21 19:21 . 2008-01-23 19:21 49 --a------ C:\WINDOWS\BM3f81555f.xml
2008-01-15 19:38 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\vgwwgqvw.dll
2008-01-15 19:38 . 2008-01-14 21:11 3,257 --a------ C:\WINDOWS\system32\vgwwgqvw.xml
2008-01-14 21:32 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\fltaolct.dll
2008-01-14 21:32 . 2008-01-14 21:11 3,257 --a------ C:\WINDOWS\system32\fltaolct.xml
2008-01-13 22:00 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\adyfbnlr.dll
2008-01-13 22:00 . 2008-01-14 21:11 3,257 --a------ C:\WINDOWS\system32\adyfbnlr.xml
2008-01-13 18:44 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\rcuhvtdu.dll
2008-01-13 18:44 . 2008-01-13 21:59 3,352 --a------ C:\WINDOWS\system32\rcuhvtdu.xml
2008-01-13 17:07 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\pnpgnmxg.dll
2008-01-13 17:07 . 2008-01-13 17:27 3,257 --a------ C:\WINDOWS\system32\pnpgnmxg.xml
2008-01-13 13:16 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ggnjftfr.dll
2008-01-13 13:16 . 2008-01-13 13:08 3,257 --a------ C:\WINDOWS\system32\ggnjftfr.xml
2008-01-13 06:52 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\vutblabs.dll
2008-01-13 06:52 . 2008-01-13 13:08 3,257 --a------ C:\WINDOWS\system32\vutblabs.xml
2008-01-12 19:45 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\qjuayqqw.dll
2008-01-12 19:45 . 2008-01-13 06:49 3,257 --a------ C:\WINDOWS\system32\qjuayqqw.xml
2008-01-12 12:06 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ctptcjuz.dll
2008-01-12 12:06 . 2008-01-12 17:38 3,257 --a------ C:\WINDOWS\system32\ctptcjuz.xml
2008-01-11 21:36 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\cyrrrtdb.dll
2008-01-11 21:36 . 2008-01-12 08:44 3,258 --a------ C:\WINDOWS\system32\cyrrrtdb.xml
2008-01-11 06:29 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ngvvtwcs.dll
2008-01-11 06:29 . 2008-01-11 19:49 3,258 --a------ C:\WINDOWS\system32\ngvvtwcs.xml
2008-01-10 21:30 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ezsgsosa.dll
2008-01-10 21:30 . 2008-01-10 21:29 3,351 --a------ C:\WINDOWS\system32\ezsgsosa.xml
2008-01-10 09:26 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\eielhjjm.dll
2008-01-10 09:26 . 2008-01-10 21:29 3,351 --a------ C:\WINDOWS\system32\eielhjjm.xml
2008-01-09 21:06 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\jchpzkqo.dll
2008-01-09 21:06 . 2008-01-09 14:43 3,258 --a------ C:\WINDOWS\system32\jchpzkqo.xml
2008-01-09 19:09 . 2008-01-10 19:09 1,614 --ahs---- C:\WINDOWS\system32\vayubemw.ini
2008-01-09 14:47 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\lxaljynv.dll
2008-01-09 14:47 . 2008-01-09 14:43 3,258 --a------ C:\WINDOWS\system32\lxaljynv.xml
2008-01-08 21:26 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\eyrtlcnj.dll
2008-01-08 21:26 . 2008-01-09 14:43 3,258 --a------ C:\WINDOWS\system32\eyrtlcnj.xml
2008-01-07 22:17 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\suahtykh.dll
2008-01-07 22:17 . 2008-01-08 21:18 3,258 --a------ C:\WINDOWS\system32\suahtykh.xml
2008-01-07 20:00 . 2008-01-07 20:00
2008-01-06 21:13 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\vrojifvo.dll
2008-01-06 21:13 . 2008-01-07 19:54 3,351 --a------ C:\WINDOWS\system32\vrojifvo.xml
2008-01-05 21:21 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ffaofmjz.dll
2008-01-05 21:21 . 2008-01-06 21:09 3,257 --a------ C:\WINDOWS\system32\ffaofmjz.xml
2008-01-05 14:22 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\gfttvfzi.dll
2008-01-05 14:22 . 2008-01-05 20:13 3,352 --a------ C:\WINDOWS\system32\gfttvfzi.xml
2007-12-29 12:22 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\jcytyuzo.dll
2007-12-29 12:22 . 2008-01-05 14:04 3,352 --a------ C:\WINDOWS\system32\jcytyuzo.xml
2007-12-29 09:28 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\wfqhpeug.dll
2007-12-29 09:28 . 2007-12-29 10:59 3,257 --a------ C:\WINDOWS\system32\wfqhpeug.xml
2007-12-28 22:39 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\dcnkmrte.dll
2007-12-28 22:39 . 2007-12-29 09:17 3,257 --a------ C:\WINDOWS\system32\dcnkmrte.xml
2007-12-28 19:50 . 2007-12-28 19:51
2007-12-28 19:46 . 2008-01-30 06:51 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-28 19:46 . 2007-12-28 19:46 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-28 19:44 . 2007-12-28 19:44
2007-12-28 19:43 . 2007-12-28 19:43
2007-12-28 19:43 . 2007-12-28 19:43
2007-12-28 19:08 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\dkjpcntc.dll
2007-12-28 19:08 . 2007-12-28 22:29 3,257 --a------ C:\WINDOWS\system32\dkjpcntc.xml
2007-12-28 07:37 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\gjjquoon.dll
2007-12-28 07:37 . 2007-12-28 19:07 3,257 --a------ C:\WINDOWS\system32\gjjquoon.xml
2007-12-26 07:28 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\uhnccswx.dll
2007-12-26 07:28 . 2007-12-27 21:13 3,351 --a------ C:\WINDOWS\system32\uhnccswx.xml
2007-12-25 08:01 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\phildiul.dll
2007-12-25 08:01 . 2007-12-26 07:25 2,411 --a------ C:\WINDOWS\system32\phildiul.xml
2007-12-24 22:11 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\xdzbzrvy.dll
2007-12-24 22:11 . 2007-12-24 21:02 2,506 --a------ C:\WINDOWS\system32\xdzbzrvy.xml
2007-12-24 21:02 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\oelcjtmx.dll
2007-12-24 21:02 . 2007-12-24 21:02 2,506 --a------ C:\WINDOWS\system32\oelcjtmx.xml
2007-12-24 21:02 . 2008-01-30 06:51 22 --a------ C:\WINDOWS\pskt.ini
2007-12-21 20:51 . 2007-12-21 20:51
2007-12-21 20:51 . 2007-12-21 20:51
2007-12-21 19:58 . 2007-12-21 19:58
2007-12-15 20:30 . 2007-12-16 19:40 714 --ahs---- C:\WINDOWS\system32\llccwpki.ini
2007-12-13 20:37 . 2007-12-13 20:37
2007-12-13 20:32 . 2007-10-10 23:55 6,065,664 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-13 20:32 . 2007-10-10 23:55 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-13 20:32 . 2007-10-10 23:55 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-13 20:32 . 2007-10-10 23:55 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-13 20:32 . 2007-10-10 23:55 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-13 20:32 . 2007-10-10 23:55 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-13 20:32 . 2007-10-10 10:59 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-12 09:42 . 2007-12-12 09:42
2007-12-12 09:42 . 2007-12-12 09:42
2007-12-12 09:42 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-12 09:35 . 2007-12-12 09:35
2007-12-12 08:46 . 2007-12-12 08:46
2007-12-12 07:37 . 2007-12-12 08:22
2007-12-12 07:29 . 2007-12-12 07:29
2007-12-11 11:45 . 2007-12-12 10:34
2007-12-11 11:45 . 2007-12-21 21:00
2007-12-11 11:45 . 2007-12-11 11:45
2007-12-11 11:45 . 2007-12-11 11:45 39,936 --a------ C:\WINDOWS\system32\ddcddde.dll
2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-30 06:43 --------- d-----w C:\Documents and Settings\Matt\Application Data\Skype
2007-12-28 19:50 --------- d-----w C:\Program Files\iPod
2007-12-28 19:48 --------- d-----w C:\Program Files\QuickTime
2007-12-28 19:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-12 15:23 --------- d-----w C:\Program Files\Macromedia
2007-12-12 08:45 --------- d-----w C:\Program Files\Yahoo!
2007-12-12 07:37 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-01 07:49 --------- d-----w C:\Program Files\LogMeIn Backup
2007-11-14 07:26 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:26 721,920 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 09:55 3,065,856 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-27 17:40 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-27 17:40 227,328 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-11 05:57 96,256 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
2007-10-11 05:57 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-11 05:57 666,112 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-11 05:57 617,984 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-11 05:57 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-11 05:57 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-11 05:57 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-10-11 05:57 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-11 05:57 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-10-11 05:57 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-10-11 05:57 251,904 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-10-11 05:57 205,824 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-11 05:57 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-11 05:57 151,040 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-10-11 05:57 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-11 05:57 1,498,112 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-10-11 05:57 1,054,208 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-10-11 05:57 1,024,000 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-10-10 10:48 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
2006-10-03 19:15 56 --sh--r C:\WINDOWS\system32\26372AB22B.sys
2006-10-29 20:55 88 --sh--r C:\WINDOWS\system32\2BB22A3726.sys
2006-10-29 20:55 6,580 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
iveco
4 Posts
0
January 31st, 2008 19:00
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.109 [GMT 0:00]
Running from: C:\Documents and Settings\Matt\Desktop\ComboFix.exe
* Created a new restore point
.
.
C:\WINDOWS\system32\awvvt.dll
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\Matt\Application Data\CURITY~1
C:\Documents and Settings\Matt\Application Data\WinTouch\wintouch.cfg
C:\Documents and Settings\Matt\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\Matt\Application Data\WinTouch\WTUninstaller.exe
C:\Documents and Settings\NetworkService\Application Data\NetMon
C:\Documents and Settings\NetworkService\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon\log.txt
C:\Program Files\inetget2
C:\Program Files\inetget2\install_words.exe
C:\Program Files\network monitor
C:\Program Files\network monitor\netmon.exe
C:\Program Files\Online Services\meno455101.dll
C:\Program Files\Router
C:\Program Files\Router\Router.exe
C:\Program Files\Router\UnInstall.exe
C:\Program Files\sks~1
C:\Program Files\Temporary
C:\Program Files\WinAble
C:\Program Files\Words
C:\Program Files\Words\list.txt
C:\Program Files\Words\UnInstall.exe
C:\Program Files\Words\Words.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\bkR11
C:\Temp\bkR11\ftCa.log
C:\WINDOWS\b104.exe
C:\WINDOWS\b116.exe
C:\WINDOWS\b122.exe
C:\WINDOWS\b138.exe
C:\WINDOWS\b143.exe
C:\WINDOWS\b149.exe
C:\WINDOWS\b151.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\dobe~1
C:\WINDOWS\mrofinu572.exe
C:\WINDOWS\system32\aduhksbo.ini
C:\WINDOWS\system32\amcdhpbn.dll
C:\WINDOWS\system32\ascswnhi.dll
C:\WINDOWS\system32\asemcerd.ini
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\avyynuor.dll
C:\WINDOWS\system32\awvvt.dll
C:\WINDOWS\system32\cxmvltxn.ini
C:\WINDOWS\system32\daicquwx.ini
C:\WINDOWS\system32\ddcbcdc.dll
C:\WINDOWS\system32\dwvtbgou.dll
C:\WINDOWS\system32\ewohcdlc.dll
C:\WINDOWS\system32\flmsgixm.dll
C:\WINDOWS\system32\fucipucy.ini
C:\WINDOWS\system32\ggkjwtfg.ini
C:\WINDOWS\system32\gjoatspu.dll
C:\WINDOWS\system32\gmekrlok.ini
C:\WINDOWS\system32\guytojol.ini
C:\WINDOWS\system32\gwooopnc.ini
C:\WINDOWS\system32\hwnusupb.dll
C:\WINDOWS\system32\iateordf.dll
C:\WINDOWS\system32\igonnwmg.ini
C:\WINDOWS\system32\ihtubmkg.ini
C:\WINDOWS\system32\iluqmbly.dll
C:\WINDOWS\system32\isthrjhc.dll
C:\WINDOWS\system32\iteeslgq.dll
C:\WINDOWS\system32\jkmgstda.ini
C:\WINDOWS\system32\kffpxxxu.ini
C:\WINDOWS\system32\kstmyaao.ini
C:\WINDOWS\system32\lapqnaue.ini
C:\WINDOWS\system32\lojotyug.dll
C:\WINDOWS\system32\lsgfbyue.dll
C:\WINDOWS\system32\mbagilck.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mwiotkll.ini
C:\WINDOWS\system32\mxhmbcwp.ini
C:\WINDOWS\system32\mxigsmlf.ini
C:\WINDOWS\system32\myjuqfui.ini
C:\WINDOWS\system32\natlslcu.ini
C:\WINDOWS\system32\ngfxpafl.dll
C:\WINDOWS\system32\nmosaryu.ini
C:\WINDOWS\system32\npennuvi.dll
C:\WINDOWS\system32\obskhuda.dll
C:\WINDOWS\system32\oijaxeet.ini
C:\WINDOWS\system32\ojeagsmu.dll
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\psebwsxm.ini
C:\WINDOWS\system32\ptciruvt.ini
C:\WINDOWS\system32\pwcbmhxm.dll
C:\WINDOWS\system32\qbebafyi.ini
C:\WINDOWS\system32\raogrvqf.ini
C:\WINDOWS\system32\rmpgpono.dll
C:\WINDOWS\system32\rounyyva.ini
C:\WINDOWS\system32\sgyshfpy.ini
C:\WINDOWS\system32\snxxaagp.ini
C:\WINDOWS\system32\tagscrcg.ini
C:\WINDOWS\system32\tpldkxdy.ini
C:\WINDOWS\system32\tqvxtvvn.ini
C:\WINDOWS\system32\tvvwa.ini
C:\WINDOWS\system32\tvvwa.ini2
C:\WINDOWS\system32\ulighlxf.ini
C:\WINDOWS\system32\uogbtvwd.ini
C:\WINDOWS\system32\uxxxpffk.dll
C:\WINDOWS\system32\uyrgcvfk.ini
C:\WINDOWS\system32\viaudhro.dll
C:\WINDOWS\system32\vjikiqnq.ini
C:\WINDOWS\system32\vurvlwyl.ini
C:\WINDOWS\system32\wqskkhxr.dll
C:\WINDOWS\system32\wuvqtnnx.ini
C:\WINDOWS\system32\wytcglrp.ini
C:\WINDOWS\system32\xaglfnki.ini
C:\WINDOWS\system32\xcvbwdny.ini
C:\WINDOWS\system32\xnntqvuw.dll
C:\WINDOWS\system32\ydftnffk.ini
C:\WINDOWS\system32\ykuisclr.ini
C:\WINDOWS\system32\ytkxdaew.ini
C:\WINDOWS\TWF0dA\
C:\WINDOWS\TWF0dA\\asappsrv.dll
C:\WINDOWS\TWF0dA\\command.exe
C:\WINDOWS\TWF0dA\\nqIXxE.vbs
C:\WINDOWS\TWF0dA\command.exe
C:\WINDOWS\uninstall_nmon.vbs
iveco
4 Posts
0
January 31st, 2008 19:00
Thanks again
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
C:\Program Files\Messenger\quzake.dll
C:\Program Files\Online Services\meno4444.dll
C:\Program Files\Online Services\meno83122.dll
2007-12-11 11:45 39936 --a------ C:\WINDOWS\system32\ddcddde.dll
C:\WINDOWS\system32\ybbgj.dll
"ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 01:24 20480]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2004-07-19 06:51 306688]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 16:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-07 08:33 68856]
"Dot1XCfg"="C:\Program Files\Dot1XCfg\Dot1XCfg.exe" [2008-01-26 14:55 61440]
"Router"="C:\Program Files\Router\Router.exe" [ ]
"01030B0C0A0A090B1"="40424A4B4949484.exe" [2007-12-14 12:40 120832 C:\WINDOWS\system32\40424A4B4949484.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 16:48 32881]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 15:30 282624 C:\WINDOWS\stsystra.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 10:48 761947]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-04-06 13:58 1032192]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 13:43 45056]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 19:29 49152]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 00:02 86016]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 00:05 127035]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 09:44 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44 81920]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-06-21 14:55 26112]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 18:05 1117184]
"AutoConnect"="C:\Documents and Settings\Matt\Local Settings\Temp\{F06FD48A-A0E6-44F4-8456-45339B1584FD}\{49C090F0-4D03-4DD2-87BA-BF6AA53B9735}\AutoConnect.exe" [2005-05-26 08:53 28672]
"wltray.exe"="C:\WINDOWS\system32\wltray.exe" [2005-06-08 16:32 778318]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 08:28 667718]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 08:28 602182]
"USBPhone4Skype"="C:\Program Files\UBIQUIO Skype DECT\USBPhone4Skype.exe" [2006-08-14 16:12 208896]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
"BM3f81555f"="C:\WINDOWS\system32\olbqtukp.dll" [2008-01-22 19:29 68160]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 04:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-07 08:33 68856]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-06-21 14:46:19 24576]
SMART Board Tools.lnk - C:\Program Files\SMART Board Software\SMARTBoardTools.exe [2006-09-18 04:53:26 3395584]
"DisableRegistryTools"= 0 (0x0)
"{B285004D-6D02-4212-91FC-B8F47B68C254}"= C:\WINDOWS\system32\ddcddde.dll [2007-12-11 11:45 39936]
ddcddde.dll 2007-12-11 11:45 39936 C:\WINDOWS\system32\ddcddde.dll
Contents of the 'Scheduled Tasks' folder
"2008-01-17 09:39:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
Rootkit scan 2008-01-30 06:51:37
Windows 5.1.2600 Service Pack 2 NTFS
hidden files: 0
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\SMART Board Software\SMARTBoardService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\40424A4B4949484.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Documents and Settings\Matt\Local Settings\Temp\{F06FD48A-A0E6-44F4-8456-45339B1584FD}\{49C090F0-4D03-4DD2-87BA-BF6AA53B9735}\AutoConnect.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\UBIQUIO Skype DECT\USBPhone4Skype.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SMART Board Software\SMARTBoardTools.exe
C:\Program Files\SMART Board Software\Aware.exe
C:\Program Files\SMART Board Software\Marker.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\SMART Technologies Inc\SMART Product Update\SmartProductUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2008-01-30 6:56:43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-30 06:56:29
.
2008-01-29 18:57:55 --- E O F ---
1972vet
3.3K Posts
0
January 31st, 2008 23:00