windows vista warning
Hi, Everytime my windows vista starts i get a warning as follows:
C:\Windows\System32\MSLTST~1.EXE
The NTVDM CPU has encountered an illegal instruction.
CS:11eb IP:0202 OP:63 74 69 76 65 Chose ' Close ' to terminate the application.
I don't know what to do with this one. I ran a hijack this and here is the file.
C:\Windows\System32\MSLTST~1.EXE
The NTVDM CPU has encountered an illegal instruction.
CS:11eb IP:0202 OP:63 74 69 76 65 Chose ' Close ' to terminate the application.
I don't know what to do with this one. I ran a hijack this and here is the file.
0
Comments
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2354 [GMT -7:00]
Running from: C:\Users\Fred\Documents\My Completed Downloads\Software Downloads\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Users\Fred\AppData\Roaming\Install.dat
.
((((((((((((((((((((((((( Files Created from 2008-08-05 to 2008-09-05 )))))))))))))))))))))))))))))))
.
2008-09-05 08:21 . 2008-09-05 08:21 <DIR> d
C:\Users\Fred\AppData\Roaming\Malwarebytes
2008-09-05 08:21 . 2008-09-05 08:21 <DIR> d
C:\ProgramData\Malwarebytes
2008-09-05 08:21 . 2008-09-05 08:21 <DIR> d
C:\Program Files\Malwarebytes' Anti-Malware
2008-09-05 08:21 . 2008-09-02 00:16 38,528 --a
C:\Windows\System32\drivers\mbamswissarmy.sys
2008-09-05 08:21 . 2008-09-02 00:16 17,200 --a
C:\Windows\System32\drivers\mbam.sys
2008-09-05 07:46 . 2008-09-05 07:46 <DIR> d
C:\Windows\A3W_DATA
2008-09-05 07:46 . 2008-09-05 07:57 <DIR> d
C:\Program Files\LDC
2008-09-05 07:46 . 2008-09-05 07:57 154,112 --a
C:\Windows\~GLC0001.TMP
2008-09-05 07:46 . 1995-07-13 20:43 26,768 --a
C:\Windows\System32\CTL3D.DLL
2008-09-05 07:46 . 2008-09-05 07:57 5,607 --a
C:\Windows\~GLH0001.TMP
2008-09-05 07:46 . 1996-02-08 14:16 1 --a
C:\Windows\System32\PTLCDBAS.INI
2008-09-05 07:46 . 1996-02-08 14:16 1 --a
C:\Windows\System32\INIVALUE.INI
2008-09-05 07:45 . 2008-09-05 07:45 154,112 --a
C:\Windows\~GLC0000.TMP
2008-09-05 07:45 . 2008-09-05 07:45 5,607 --a
C:\Windows\~GLH0000.TMP
2008-09-04 03:21 . 2008-09-04 03:21 <DIR> d
C:\ProgramData\ComStrAdm
2008-09-03 15:21 . 2008-09-03 15:21 <DIR> d
C:\ProgramData\mntapiwin
2008-09-03 03:21 . 2008-09-03 03:21 <DIR> d
C:\ProgramData\gensys
2008-09-02 16:16 . 2008-09-02 16:16 <DIR> d
C:\Users\Fred\AppData\Roaming\Media Player Classic
2008-09-02 15:59 . 2008-09-02 15:59 <DIR> d
C:\Program Files\K-Lite Codec Pack
2008-09-02 15:59 . 2008-07-03 23:34 860,160 --a
C:\Windows\System32\lameACM.acm
2008-09-02 15:59 . 2008-01-10 05:15 755,027 --a
C:\Windows\System32\xvidcore.dll
2008-09-02 15:59 . 2004-01-25 09:18 217,088 --a
C:\Windows\System32\yv12vfw.dll
2008-09-02 15:59 . 2007-09-04 09:56 164,352 --a
C:\Windows\System32\unrar.dll
2008-09-02 15:59 . 2008-01-10 05:16 159,839 --a
C:\Windows\System32\xvidvfw.dll
2008-09-02 15:59 . 2007-09-20 17:52 118,784 --a
C:\Windows\System32\ac3acm.acm
2008-09-02 15:59 . 2008-06-12 11:36 7,680 --a
C:\Windows\System32\ff_vfw.dll
2008-09-02 15:59 . 2007-07-10 09:10 547 --a
C:\Windows\System32\ff_vfw.dll.manifest
2008-09-02 15:59 . 2007-10-03 08:03 414 --a
C:\Windows\System32\lame_acm.xml
2008-09-02 15:59 . 2008-07-30 12:09 38 --a
C:\Windows\avisplitter.ini
2008-09-02 15:51 . 2008-09-02 15:51 <DIR> d
C:\Users\Fred\AppData\Roaming\AVS4YOU
2008-09-02 15:51 . 2008-09-02 15:51 <DIR> d
C:\ProgramData\AVS4YOU
2008-09-02 15:50 . 2008-09-02 15:50 <DIR> d
C:\Program Files\Common Files\AVSMedia
2008-09-02 15:50 . 2008-09-02 15:51 <DIR> d
C:\Program Files\AVS4YOU
2008-09-02 15:50 . 2007-02-27 19:36 974,848 --a
C:\Windows\System32\mfc70.dll
2008-09-02 15:50 . 2007-02-27 19:36 487,424 --a
C:\Windows\System32\msvcp70.dll
2008-09-02 15:50 . 2007-02-27 19:36 24,576 --a
C:\Windows\System32\msxml3a.dll
2008-09-02 15:21 . 2008-09-02 15:21 <DIR> d
C:\ProgramData\DbAdm
2008-09-02 03:20 . 2008-09-02 03:20 <DIR> d
C:\ProgramData\UiComAct
2008-09-01 19:12 . 2008-09-04 10:12 <DIR> d
C:\Users\Fred\AppData\Roaming\DNA
2008-09-01 19:12 . 2008-09-04 10:12 <DIR> d
C:\Users\Fred\AppData\Roaming\BitTorrent
2008-09-01 19:12 . 2008-09-01 19:12 <DIR> d
C:\Program Files\DNA
2008-09-01 19:12 . 2008-09-01 19:12 <DIR> d
C:\Program Files\BitTorrent
2008-09-01 16:33 . 2008-09-01 16:44 <DIR> d
C:\Users\Fred\AppData\Roaming\MagicBall3
2008-09-01 15:20 . 2008-09-01 15:20 <DIR> d
C:\ProgramData\ApiApl
2008-09-01 08:52 . 2008-09-01 08:52 <DIR> d
C:\ProgramData\chkcom
2008-09-01 08:52 . 2008-09-01 08:52 <DIR> d
C:\ProgramData\ActAplAdm
2008-08-31 18:47 . 2008-08-31 18:47 <DIR> d
C:\ProgramData\cfgchkwin
2008-08-31 07:12 . 2008-08-31 07:12 <DIR> d
C:\Program Files\NPD Ford 1980-1996 Catalog
2008-08-31 06:47 . 2008-08-31 06:47 <DIR> d
C:\ProgramData\enapi
2008-08-31 06:47 . 2008-08-31 06:47 <DIR> d
C:\ProgramData\ActAppChk
2008-08-30 15:13 . 2008-08-30 15:13 <DIR> d
C:\Users\Fred\AppData\Roaming\Apple Computer
2008-08-30 09:52 . 2008-08-30 09:52 226 --a
C:\Windows\wininit.ini
2008-08-30 09:26 . 2008-08-31 20:29 <DIR> d
C:\Program Files\SpywareBlaster
2008-08-30 08:33 . 2008-08-30 09:53 <DIR> d
C:\ProgramData\Spybot - Search & Destroy
2008-08-30 08:33 . 2008-08-30 09:21 <DIR> d
C:\Program Files\Spybot - Search & Destroy
2008-08-30 07:57 . 2008-08-30 07:57 <DIR> d
C:\ProgramData\Apple
2008-08-30 07:57 . 2008-08-30 07:57 <DIR> d
C:\Program Files\Apple Software Update
2008-08-28 18:13 . 2008-08-28 18:13 <DIR> d
C:\Users\Fred\AppData\Roaming\FloodLightGames
2008-08-28 18:13 . 2008-08-28 18:13 <DIR> d
C:\ProgramData\FloodLightGames
2008-08-28 18:12 . 2008-08-28 18:12 <DIR> d
C:\Program Files\Death On The Nile
2008-08-27 12:23 . 2008-08-27 12:23 <DIR> d
C:\diyonline
2008-08-27 09:16 . 2008-08-27 09:16 <DIR> d
C:\Users\Fred\AppData\Roaming\MusicNet
2008-08-27 08:20 . 2008-08-27 08:20 <DIR> d
C:\Users\Fred\AppData\Roaming\vlc
2008-08-27 08:17 . 2008-08-27 08:17 <DIR> d
C:\Program Files\VideoLAN
2008-08-27 08:10 . 2008-09-02 00:08 <DIR> d
C:\ProgramData\Apple Computer
2008-08-27 08:10 . 2008-09-02 00:05 <DIR> d
C:\Program Files\QuickTime
2008-08-26 08:26 . 2008-08-26 08:26 <DIR> d
C:\ProgramData\nmnkxado
2008-08-26 08:26 . 2008-08-27 18:37 <DIR> d
C:\ProgramData\mntcfg
2008-08-26 08:26 . 2008-08-27 07:55 <DIR> d
C:\ProgramData\dbmntsys
2008-08-26 07:58 . 2008-08-26 07:58 <DIR> d
C:\ProgramData\NOS
2008-08-26 07:58 . 2008-08-26 07:58 <DIR> d
C:\Program Files\NOS
2008-08-26 07:57 . 2008-08-26 07:57 <DIR> d
C:\ProgramData\Ashampoo
2008-08-26 07:57 . 2008-08-26 07:57 <DIR> d
C:\Program Files\Ashampoo
2008-08-23 11:15 . 2008-08-23 11:15 <DIR> d
C:\ProgramData\Trymedia
2008-08-23 11:13 . 2008-09-01 15:23 <DIR> d
C:\Program Files\eGames
2008-08-22 21:13 . 2008-08-22 21:13 <DIR> d
C:\Program Files\AOL Companion
2008-08-22 21:13 . 2008-08-22 21:13 <DIR> d
C:\Install Winamp
2008-08-22 21:13 . 2008-08-22 21:13 <DIR> d
C:\Install ICQ
2008-08-22 21:13 . 2008-08-22 21:13 <DIR> d
C:\Install AOL Communicator
2008-08-22 21:13 . 2008-08-22 21:13 <DIR> d
C:\AOL Instant Messenger
2008-08-22 21:12 . 2003-09-24 11:42 153,088 --a
C:\Windows\System32\jgdwmie.dll
2008-08-22 21:12 . 2003-09-24 11:41 24,660 --a
C:\Windows\System32\aolddial.dll
2008-08-22 21:11 . 2008-08-22 21:13 <DIR> d
C:\Program Files\Common Files\aolshare
2008-08-22 21:11 . 2008-08-28 17:34 <DIR> d
C:\Program Files\America Online 9.0a
2008-08-22 18:31 . 2008-08-22 18:31 <DIR> d
C:\Program Files\Lavasoft
2008-08-22 17:23 . 2008-08-28 17:21 <DIR> d
C:\Program Files\The_Pirate_Bay
2008-08-22 17:23 . 2008-08-28 17:21 <DIR> d
C:\Program Files\Conduit
2008-08-22 07:38 . 2008-08-22 16:31 <DIR> d
C:\Program Files\Wild West Quest
2008-08-22 07:37 . 2008-08-22 07:37 <DIR> d
C:\Program Files\ReflexiveArcade
2008-08-21 08:44 . 2008-08-21 08:44 <DIR> d
C:\Windows\uninstall\12th Century BlackJack
2008-08-21 08:44 . 2008-08-21 18:28 <DIR> d
C:\Program Files\12thCenturyBlackJack
2008-08-21 07:51 . 2008-08-21 07:52 <DIR> d
C:\ProgramData\WinZip
2008-08-21 07:18 . 2008-08-21 07:18 <DIR> d
C:\Program Files\Adobe Media Player
2008-08-20 16:30 . 2008-08-20 16:30 <DIR> d
C:\ProgramData\AlawarWrapper
2008-08-20 16:23 . 2008-08-20 16:23 <DIR> d
C:\ProgramData\Enkord
2008-08-20 06:07 . 2008-08-20 06:07 <DIR> d
C:\Program Files\Intel Corporation
2008-08-19 07:16 . 2008-08-19 07:18 20,996 --a
C:\svehost.exe
2008-08-19 07:05 . 2008-08-19 07:05 <DIR> d
C:\Program Files\Common Files\Jasc Software Inc
2008-08-19 07:04 . 2008-08-19 07:04 <DIR> d
C:\Users\Fred\AppData\Roaming\Jasc Software Inc
2008-08-19 07:04 . 2008-08-19 07:04 <DIR> d
C:\Program Files\Jasc Software Inc
2008-08-17 19:54 . 2008-08-17 19:54 <DIR> d
C:\ProgramData\FLEXnet
2008-08-17 19:47 . 2008-08-17 19:47 <DIR> d
C:\Users\Fred\{7efda560-6e59-4e7f-8bc7-6e909c3523da}
2008-08-17 19:44 . 2007-02-20 16:04 2,463,976 --a
C:\Windows\System32\NPSWF32.dll
2008-08-17 19:44 . 2007-02-20 16:04 190,696 --a
C:\Windows\System32\NPSWF32_FlashUtil.exe
2008-08-12 20:36 . 2008-08-12 20:36 <DIR> d
C:\Program Files\Byteswarm
2008-08-12 20:17 . 2008-08-12 20:37 773 --a
C:\Windows\eReg.dat
2008-08-12 19:45 . 2008-08-12 21:44 <DIR> d
C:\Program Files\GameSpy Arcade
2008-08-12 19:41 . 2008-08-12 20:20 <DIR> d
C:\Program Files\EA GAMES
2008-08-12 15:40 . 2008-07-15 18:32 2,048 --a
C:\Windows\System32\tzres.dll
2008-08-12 15:36 . 2007-03-12 16:42 3,495,784 --a
C:\Windows\System32\d3dx9_33.dll
2008-08-12 15:36 . 2007-03-12 16:42 1,123,696 --a
C:\Windows\System32\D3DCompiler_33.dll
2008-08-12 15:36 . 2007-03-15 16:57 443,752 --a
C:\Windows\System32\d3dx10_33.dll
2008-08-12 15:36 . 2007-04-04 18:53 81,768 --a
C:\Windows\System32\xinput1_3.dll
2008-08-12 15:26 . 2008-06-26 18:55 1,383,424 --a
C:\Windows\System32\mshtml.tlb
2008-08-12 15:26 . 2008-06-26 21:15 827,392 --a
C:\Windows\System32\wininet.dll
2008-08-12 15:26 . 2008-04-09 22:12 738,304 --a
C:\Windows\System32\inetcomm.dll
2008-08-12 15:26 . 2008-06-18 20:31 361,984 --a
C:\Windows\System32\IPSECSVC.DLL
2008-08-12 15:26 . 2008-04-17 22:48 269,312 --a
C:\Windows\System32\es.dll
2008-08-12 07:21 . 2008-09-04 10:12 <DIR> d
C:\Users\Fred\Incomplete
2008-08-12 07:19 . 2008-08-15 20:15 <DIR> d
C:\Users\Fred\AppData\Roaming\Addax
2008-08-12 07:18 . 2008-08-12 07:19 <DIR> d
C:\Program Files\Addax
2008-08-11 07:10 . 2008-08-11 07:10 <DIR> d
C:\Users\Fred\AppData\Roaming\DataSafeOnline
2008-08-10 20:42 . 2008-08-10 20:42 <DIR> d
C:\Program Files\My Company Name
2008-08-10 20:41 . 2008-08-10 20:41 <DIR> d
C:\Users\Fred\AppData\Roaming\Roxio
2008-08-10 20:41 . 2008-08-10 20:41 <DIR> d
C:\ProgramData\Roxio
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-05 15:50
d---a-w C:\ProgramData\temp
2008-09-05 14:19
d
w C:\Program Files\McAfee
2008-09-03 02:26 27,240 ----a-w C:\Users\Fred\AppData\Roaming\nvModes.dat
2008-09-03 02:04
d
w C:\Users\Fred\AppData\Roaming\Hoyle Card Games
2008-09-03 02:01
d
w C:\Program Files\TruePoker
2008-09-02 19:14
d
w C:\Program Files\Common Files\Real
2008-08-28 01:03 682,280 ----a-w C:\Windows\System32\pbsvc.exe
2008-08-26 05:26
d
w C:\Users\Fred\AppData\Roaming\Hoyle Blackjack
2008-08-23 21:34
d
w C:\Program Files\Common Files\Adobe
2008-08-23 04:12
d
w C:\ProgramData\AOL
2008-08-23 04:12
d
w C:\Program Files\Common Files\AOL
2008-08-23 01:31
d
w C:\Users\Fred\AppData\Roaming\Lavasoft
2008-08-22 01:46
d
w C:\Users\Fred\AppData\Roaming\iolo
2008-08-21 03:23
d
w C:\Program Files\Alawar
2008-08-20 16:16
d
w C:\Users\Fred\AppData\Roaming\AOL
2008-08-19 14:03
d
w C:\Program Files\Microsoft Silverlight
2008-08-13 04:49
d--h--w C:\Program Files\InstallShield Installation Information
2008-08-13 04:33
d
w C:\Program Files\Common Files\InstallShield
2008-08-13 00:45
d
w C:\Program Files\Windows Mail
2008-08-12 22:41
d
w C:\ProgramData\Microsoft Help
2008-08-11 05:09
d
w C:\Program Files\Smith Micro
2008-08-10 16:05
d
w C:\Users\Fred\AppData\Roaming\DivX
2008-08-10 15:30
d
w C:\Program Files\Creative Live! Cam
2008-08-10 15:17
d
w C:\Program Files\Creative
2008-08-10 15:16
d--h--w C:\Program Files\Creative Installation Information
2008-08-10 15:16
d
w C:\Program Files\Common Files\Creative
2008-08-07 20:18
d
w C:\Program Files\Hardwood Euchre
2008-08-07 19:58
d
w C:\ProgramData\Creative
2008-08-07 18:44
d
w C:\Program Files\Hardwood Backgammon
2008-08-04 23:17
d
w C:\Program Files\Microsoft Games
2008-08-04 23:12
d
w C:\Program Files\Kylotonn Entertainment
2008-08-04 23:08
d
w C:\Program Files\Steam
2008-08-03 13:32
d
w C:\Program Files\Common Files\Steam
2008-08-03 00:38
d
w C:\Program Files\Play
2008-08-03 00:36
d
w C:\Program Files\Plus!
2008-08-02 17:40
d
w C:\Program Files\GameSpy
2008-08-02 17:37 22,328 ----a-w C:\Users\Fred\AppData\Roaming\PnkBstrK.sys
2008-08-02 14:59
d
w C:\ProgramData\Smith Micro
2008-08-01 15:34
d
w C:\Users\Fred\AppData\Roaming\Microsoft Games
2008-08-01 09:23
d
w C:\Program Files\Common Files\Adobe AIR
2008-08-01 09:21
d
w C:\Users\Fred\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-08-01 09:09
d
w C:\Program Files\DivX
2008-08-01 09:09
d
w C:\Program Files\Common Files\PX Storage Engine
2008-08-01 04:50
d
w C:\Users\Fred\AppData\Roaming\App Launcher Gadget
2008-08-01 03:31
d
w C:\Program Files\DAP
2008-08-01 03:30 50,688 ----a-w C:\Windows\System32\wbhelp2.dll
2008-08-01 03:30
d
w C:\ProgramData\SpeedBit
2008-08-01 02:59
d
w C:\ProgramData\AOL OCP
2008-08-01 02:56
d
w C:\Users\Fred\AppData\Roaming\Hoyle FaceCreator
2008-08-01 02:55
d
w C:\ProgramData\AOL Downloads
2008-08-01 02:54 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
2008-08-01 02:09
d
w C:\Program Files\LFLInstall
2008-07-31 01:28
d
w C:\ProgramData\Microsoft Games
2008-07-31 01:27
d
w C:\Users\Fred\AppData\Roaming\Microsoft Game Studios
2008-07-30 19:41
d
w C:\ProgramData\iolo
2008-07-30 19:26
d
w C:\Program Files\Hardwood Solitaire III
2008-07-30 14:55
d
w C:\Program Files\Dobermann
2008-07-30 14:11
d
w C:\Program Files\Dell
2008-07-30 14:02
d
w C:\Program Files\Hardwood Hearts
2008-07-30 13:41 6,713 ----a-w C:\Program Files\install.log
2008-07-30 13:41
d
w C:\ProgramData\Gamespot
2008-07-30 13:41
d
w C:\Program Files\GameSpot
2008-07-30 05:30
d
w C:\Program Files\Iraqi Most Wanted Solitaire
2008-07-30 05:27
d
w C:\Program Files\Silver Creek Installer
2008-07-30 05:26
d
w C:\Program Files\Hardwood Spades
2008-07-30 05:20
d
w C:\Program Files\SilverCreekCommonFiles
2008-07-29 04:49 409,600 ----a-w C:\Windows\System32\wrap_oal.dll
2008-07-29 04:49 114,688 ----a-w C:\Windows\System32\OpenAL32.dll
2008-07-29 04:22
d
w C:\Users\Fred\AppData\Roaming\Creative
2008-07-28 15:34
d
w C:\Program Files\PokerStars
2008-07-26 04:28
d
w C:\ProgramData\JollyBear
2008-07-23 14:40 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-07-23 14:08
d
w C:\Users\Fred\AppData\Roaming\CyberLink
2008-07-23 14:00
d
w C:\ProgramData\CyberLink
2008-07-22 00:56
dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-07-22 00:55
d
w C:\Program Files\Windows Live
2008-07-22 00:53
d
w C:\ProgramData\WLInstaller
2008-07-20 16:22
d
w C:\ProgramData\NVIDIA
2008-07-20 15:34
d
w C:\Program Files\Google
2008-07-20 14:30
d
w C:\Users\Fred\AppData\Roaming\Intel
2008-07-15 12:41
d--h--r C:\Users\Fred\AppData\Roaming\SecuROM
2008-07-15 12:37
d
w C:\Program Files\Encore
2008-07-15 11:57
d
w C:\ProgramData\Viewpoint
2008-07-15 11:57
d
w C:\ProgramData\QuickTime
2008-07-15 11:57
d
w C:\Program Files\Viewpoint
2008-07-15 11:57
d
w C:\Program Files\Learn2.com
2008-07-15 11:57
d
w C:\Program Files\Common Files\aolback
2008-07-15 11:56
d
w C:\Program Files\Real
2008-07-15 11:56
d
w C:\Program Files\Common Files\Nullsoft
2008-07-15 11:51
d
w C:\Program Files\America Online 9.0
2008-07-15 11:23
d
w C:\Program Files\Print Server
2008-07-15 10:54
d
w C:\ProgramData\McAfee
2008-07-15 10:53
d-sh--w C:\ProgramData\Templates
2008-07-15 10:53
d-sh--w C:\ProgramData\Start Menu
2008-07-15 10:53
d-sh--w C:\ProgramData\Favorites
2008-07-15 10:53
d-sh--w C:\ProgramData\Documents
2008-07-15 10:53
d-sh--w C:\ProgramData\Desktop
2008-07-15 10:53
d-sh--w C:\ProgramData\Application Data
2008-07-10 20:33 2,032,128 ----a-w C:\Windows\System32\win32k.sys
2008-07-10 20:33
d
w C:\Program Files\DellTPad
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-20 125952]
"8b7rZOUmAL"="C:\ProgramData\nmnkxado\rcpebcni.exe" [2008-08-26 61440]
"AWMON"="C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" [2005-05-25 517632]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" [2008-07-31 3065344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-09-24 159744]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-12-02 36864]
"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-10 29744]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-11-01 582992]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"Dell PC TuneUp Startup"="C:\Program Files\iolo\Common\Lib\ioloLManager.exe" [2008-04-30 307568]
"StandardKeyboard"="C:\Windows\Wireless\Wireless.exe" [2007-08-16 290816]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-10-04 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-10-04 8497696]
"NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2007-10-04 86016]
"Ad-Aware"="C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe" [2005-05-27 865280]
"HostManager"="C:\Program Files\Common Files\AOL\1217559564\ee\AOLSoftware.exe" [2007-05-25 42032]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
"SPIRunE"="SPIRunE.dll" [2007-05-09 C:\Windows\System32\SpiRunE.dll]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2008-08-17 295606]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0a\aoltray.exe [2008-08-22 36954]
AOL Companion.lnk - C:\Program Files\AOL Companion\companion.exe [2008-08-22 229450]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 703280]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2008-07-10 50688]
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe [2008-02-22 1193240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-07-10 11:12 10536 C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.yv12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A8D23400-B2D6-4C50-B3B5-1DF074C9B20A}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{849AD6B8-C3E1-4014-B0E3-BD23716891EB}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{150C01CD-6322-4AE5-A608-47FBA8DF11BE}"= UDP:C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"{D8793847-8A46-4AC7-BB7A-561BDEA3CF83}"= TCP:C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"{9E682FC3-E5FD-4ACC-97E8-6A666DC20EB4}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{A0301E91-0B28-4425-8E4F-AAFF6A7A86BE}"= C:\Program Files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{9D19F69D-DFBF-4352-B101-DADC52DA679E}"= C:\Program Files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{DE28868B-C08C-4515-AB22-3C1D144117C4}"= C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{144A4476-B50F-48FC-9897-78AE26ED30CC}"= C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{C313FCE7-D094-4EAB-9A41-FFD90A13252F}"= UDP:C:\Program Files\Microsoft Games\Halo 2\halo2.exe:Halo 2
"{1500578C-9666-4667-8FC1-19C1075072F4}"= TCP:C:\Program Files\Microsoft Games\Halo 2\halo2.exe:Halo 2
"{30E87663-F1B0-417D-80A0-8E7F95971338}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{FDF67B71-42E5-4FCB-85E2-9B9E496D4AA2}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{39860772-8424-4287-BB45-F7079C4147E0}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{5DEB6F4D-6EAC-4B3D-B0DE-D63C03403FC4}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{CE0D1067-8BB0-48A7-919C-71FA538E40A2}"= UDP:C:\Program Files\Common Files\AOL\1217559564\ee\aolsoftware.exe:AOL Shared Components
"{71D4555D-DEAB-4DAB-841C-1CD317450889}"= TCP:C:\Program Files\Common Files\AOL\1217559564\ee\aolsoftware.exe:AOL Shared Components
"{0A305397-F910-4076-8411-BA1C6AF5EF40}"= UDP:C:\Program Files\AOL 9.1\waol.exe:AOL
"{791C6A48-18EA-4690-8CAC-CF12AD0C0ADD}"= TCP:C:\Program Files\AOL 9.1\waol.exe:AOL
"{29FB138F-4C49-43FC-A13C-DF6D7CB44B16}"= UDP:C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{BA8B03F6-D510-4F18-ADD2-CB8265DCB850}"= TCP:C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{B8B3578A-88AF-4E38-BFB1-777426BAD02A}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{92B75D41-9DBA-4828-8271-DAAA87C108DF}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{1391845F-59D4-4E93-B9DA-8F29D38FBEC5}"= UDP:C:\Program Files\Common Files\AOL\System Information\sinf.exe:AOL System Information
"{E0EFB514-6DE9-48B9-AD17-FB6DD032C4D6}"= TCP:C:\Program Files\Common Files\AOL\System Information\sinf.exe:AOL System Information
"{B093EA44-03ED-4448-900D-794109F23B45}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{E4FE5B77-89EA-4783-8066-3E3D0C3E48DE}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{6B280023-5C25-437C-B1DC-A570CC55E66A}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{7A96499F-33CE-454D-8490-E9F4252C536C}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{19B1BAD1-7BBA-48A3-86E0-8BFC2C306516}"= UDP:C:\Program Files\Kylotonn Entertainment\Bet on Soldier\BoS.exe:Play Bet On Soldier
"{BC4C4E0F-A0F6-4265-B405-43F511BF8CD4}"= TCP:C:\Program Files\Kylotonn Entertainment\Bet on Soldier\BoS.exe:Play Bet On Soldier
"{59856792-10F9-46AC-9B36-4AFEA454C477}"= UDP:C:\Program Files\Microsoft Games\Halo 2 Dedicated Server\h2server.exe:Halo 2 Dedicated Server
"{1B66A766-D2BF-4F43-B3C8-B0E938DBDC47}"= TCP:C:\Program Files\Microsoft Games\Halo 2 Dedicated Server\h2server.exe:Halo 2 Dedicated Server
"{6110DC7B-55CF-48E6-968F-0ACE3AC6AB1A}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{78E39F97-3A94-49E0-A8E5-61040F6CE76A}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{93C9BC4F-17F1-49A2-95A1-DB8C42F2020F}"= UDP:C:\Program Files\DNA\btdna.exe:DNA (TCP-In)
"{66629B36-1381-4FF5-BE3A-20148C98B280}"= TCP:C:\Program Files\DNA\btdna.exe:DNA (UDP-In)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R1 ElRawDisk;ElRawDisk;C:\Windows\system32\drivers\elrawdsk.sys [2007-09-20 12800]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2008-01-01 73728]
R2 CTAudSvcService;Creative Audio Service;C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2007-11-26 385024]
R2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-04-30 565608]
R2 ioloSystemService;iolo System Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-04-30 565608]
R2 Stuffit Archive Name Service;Stuffit Archive Name Service;C:\Program Files\Smith Micro\StuffIt\ArcNameService.exe [2008-01-31 157016]
R3 btwaudio;Bluetooth Audio Device Service;C:\Windows\system32\drivers\btwaudio.sys [2006-11-06 78128]
R3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2006-11-06 80176]
R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-06 16560]
R3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-12-02 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-12-02 7424]
S2 0216721220536095mcinstcleanup;McAfee Application Installer Cleanup (0216721220536095);C:\Windows\TEMP\021672~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini [ ]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2008-08-10 79360]
S3 getPlus(R) Helper;getPlus(R) Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-06-26 31592]
S3 GoToAssist;GoToAssist;C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe Start=service [ ]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-02 87288]
S3 t3;SB Xtreme Audio Notebook (Vista);C:\Windows\system32\drivers\t3.sys [2008-01-29 404480]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - (no file)
.
Supplementary Scan
.
FireFox -: Profile - C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\yipzaqyg.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
.
File Associations (Beta)
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-05 08:53:54
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SPIRunE = Rundll32 SPIRunE.dll,RunDLLEntry?
scanning hidden files ...
**************************************************************************
.
Completion time: 2008-09-05 8:56:19
ComboFix-quarantined-files.txt 2008-09-05 15:55:16
Pre-Run: 173,051,506,688 bytes free
Post-Run: 173,045,415,936 bytes free
386 --- E O F --- 2008-09-05 14:27:10
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 4:51:20 PM, on 9/5/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\DellTPad\Apoint.exec:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Windows\OEM02Mon.exeC:\Program Files\Dell\MediaDirect\PCMService.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exeC:\Program Files\Common Files\AOL\1217559564\ee\aolsoftware.exeC:\Windows\ehome\ehtray.exeC:\ProgramData\nmnkxado\rcpebcni.exeC:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exeC:\Windows\System32\rundll32.exeC:\Program Files\America Online 9.0a\aoltray.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\Digital Line Detect\DLG.exeC:\Program Files\Dell\QuickSet\quickset.exec:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files\DellTPad\Apntex.exeC:\Program Files\DellTPad\HidFind.exeC:\Windows\system32\wbem\unsecapp.exeC:\ProgramData\msgsys\rklitqzy.exeC:\Program Files\AOL Companion\companion.exeC:\Program Files\BitTorrent\bittorrent.exeC:\Program Files\Internet Explorer\ieuser.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\NOTEPAD.EXEc:\users\Fred\Documents\My Completed Downloads\Software Downloads\HiJackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dllO2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllO2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllO4 - HKLM\..\Run: [Apoint] "C:\Program Files\DellTPad\Apoint.exe"O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exeO4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /sO4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startupO4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeyO4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"O4 - HKLM\..\Run: [Dell PC TuneUp Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"O4 - HKLM\..\Run: [StandardKeyboard] C:\Windows\Wireless\Wireless.exeO4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStartO4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NVHotkey] "rundll32.exe" C:\Windows\system32\nvHotkey.dll,StartO4 - HKLM\..\Run: [Ad-Aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe" +cO4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntryO4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1217559564\ee\AOLSoftware.exeO4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [8b7rZOUmAL] C:\ProgramData\nmnkxado\rcpebcni.exeO4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"O4 - HKCU\..\Run: [msgsys] C:\ProgramData\msgsys\rklitqzy.exeO4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exeO4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exeO4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exeO4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exeO4 - Global Startup: Bluetooth.lnk = ?O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exeO4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exeO8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htmO8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htmO8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlO8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmO8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmO9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exeO9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exeO13 - Gopher Prefix: O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell.com/systemprofiler/SysProExe.CABO16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cabO16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://service.futuremark.com/virtualmark/tc/MSC3.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5342/mcfscan.cabO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLLO20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dllO23 - Service: McAfee Application Installer Cleanup (0216721220536095) (0216721220536095mcinstcleanup) - Unknown owner - C:\Windows\TEMP\021672~1.EXE (file missing)O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exeO23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exeO23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exeO23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exeO23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exeO23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exeO23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeO23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exeO23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exeO23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exeO23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exeO23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exeO23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exeO23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeO23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeO23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exeO23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exeO23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exeO23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exeO23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exeO23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exeO23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exeO23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - C:\Program Files\Smith Micro\StuffIt\ArcNameService.exeO23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\Windows\wanmpsvc.exeO23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe--End of file - 12401 bytes</PRE>