Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Freezing And Display Properties Changing


  • Please log in to reply
5 replies to this topic

#1 jotamon

jotamon

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 06 December 2007 - 10:48 AM

Hi all,

my computer is pretty new and I have done a good job keeping it clean using spybot and other programs..

a few days ago something changed and it now seems like somethings has hijacked my system

can someone take a look at this log for me?

thanks for the help,

josh


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:43:25 AM, on 12/6/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Windows Mail\WinMail.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hjt\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingD1857] cmd /c del "C:\Windows\System32\drivers\core.sys"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{66653953-F40D-4C08-B072-202AA0382CA2}: NameServer = 153.90.2.15,153.90.2.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10087 bytes

BC AdBot (Login to Remove)

 


m

#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:00 AM

Posted 12 December 2007 - 02:18 PM

  • Download Combofix to your desktop.

  • Doubleclick combofix.exe

  • Follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.

When finished, and after reboot if it asks for one, combofix will open again to gather the necessary information for the log. This may take a while so please be patient. When done, Combofix will close and a log should open called combofix.txt.

Post the contents of this log in your next reply along with a new hijackthislog.

Please do not post the ComboFix-quarantined-files.txt unless I ask you to.

#3 jotamon

jotamon
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 13 December 2007 - 12:22 PM

every time i try to run combofix it says

combofix is preparing to run

and then

out of memory

then it crashes and VISTA says there is a problem with reg.exe

i tried deleting combofix from my desktop and deleting the combofix folders out of the C:\

i did a system restore and tried reinstalling combofix but it did not work...

hmm..

thanks for your help,

josh

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:00 AM

Posted 13 December 2007 - 12:30 PM

Let's see a new hijackthis log.

#5 jotamon

jotamon
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:00 AM

Posted 13 December 2007 - 12:33 PM

there it ran....

vista identified an error and combofix said out of memory but i waited a bit and then combofix worked

here you go

ComboFix 07-12-12.3 - Josh 2007-12-13 10:22:41.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1000 [GMT -7:00]
Running from: C:\Users\Josh\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-11-13 to 2007-12-13 )))))))))))))))))))))))))))))))
.

2007-12-12 14:56 . 2007-12-12 14:56 1,327,104 --a------ C:\Windows\System32\quartz.dll
2007-12-12 14:56 . 2007-12-12 14:56 223,232 --a------ C:\Windows\System32\WMASF.DLL
2007-12-12 14:56 . 2007-12-12 14:56 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
2007-12-12 14:56 . 2007-12-12 14:56 2,048 --a------ C:\Windows\System32\asferror.dll
2007-12-12 14:53 . 2007-12-12 14:53 130,048 --a------ C:\Windows\System32\drivers\srv2.sys
2007-12-12 14:53 . 2007-12-12 14:53 101,888 --a------ C:\Windows\System32\drivers\mrxsmb.sys
2007-12-12 14:53 . 2007-12-12 14:53 84,992 --a------ C:\Windows\System32\drivers\srvnet.sys
2007-12-12 14:53 . 2007-12-12 14:53 58,368 --a------ C:\Windows\System32\drivers\mrxsmb20.sys
2007-12-12 14:51 . 2007-12-12 14:51 3,504,824 --a------ C:\Windows\System32\ntkrnlpa.exe
2007-12-12 14:51 . 2007-12-12 14:51 3,470,520 --a------ C:\Windows\System32\ntoskrnl.exe
2007-12-12 14:51 . 2007-12-12 14:51 2,048 --a------ C:\Windows\System32\tzres.dll
2007-12-03 11:45 . 2007-12-03 11:48 <DIR> d-------- C:\Program Files\myFairTunes
2007-11-20 10:02 . 2007-11-20 10:02 1,244,672 --a------ C:\Windows\System32\mcmde.dll
2007-11-14 11:47 . 2007-11-14 11:47 224,768 --a------ C:\Windows\System32\drivers\usbport.sys
2007-11-14 11:47 . 2007-11-14 11:47 193,536 --a------ C:\Windows\System32\drivers\usbhub.sys
2007-11-14 11:47 . 2007-11-14 11:47 73,216 --a------ C:\Windows\System32\drivers\usbccgp.sys
2007-11-14 11:47 . 2007-11-14 11:47 38,400 --a------ C:\Windows\System32\drivers\usbehci.sys
2007-11-14 11:47 . 2007-11-14 11:47 19,456 --a------ C:\Windows\System32\drivers\usbohci.sys
2007-11-14 11:47 . 2007-11-14 11:47 8,704 --a------ C:\Windows\System32\hcrstco.dll
2007-11-14 11:47 . 2007-11-14 11:47 8,704 --a------ C:\Windows\System32\hccoin.dll
2007-11-14 11:47 . 2007-11-14 11:47 5,888 --a------ C:\Windows\System32\drivers\usbd.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-13 17:03 --------- d-----w C:\Program Files\Windows Mail
2007-12-13 17:02 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2007-12-13 17:02 --------- d-----w C:\ProgramData\FLEXnet
2007-12-13 17:02 --------- d-----w C:\Program Files\PowerISO
2007-12-13 17:02 --------- d-----w C:\Program Files\McAfee
2007-12-12 22:35 --------- d-----w C:\Users\Josh\AppData\Roaming\Azureus
2007-12-12 21:55 56,320 ----a-w C:\Windows\System32\iesetup.dll
2007-12-12 21:55 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-12-12 21:55 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2007-12-11 17:59 --------- d-----w C:\ProgramData\Roxio
2007-12-10 21:05 --------- d-----w C:\Users\Josh\AppData\Roaming\Tinn-R
2007-11-21 17:31 --------- d-----w C:\Program Files\Azureus
2007-11-14 18:49 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-11-14 18:49 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2007-11-14 18:49 542,720 ----a-w C:\Windows\System32\sysmain.dll
2007-11-14 18:49 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2007-11-14 18:49 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2007-11-14 18:49 297,984 ----a-w C:\Windows\System32\wlansec.dll
2007-11-14 18:49 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2007-11-14 18:49 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
2007-11-14 18:49 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2007-11-14 18:49 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2007-11-14 18:49 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
2007-11-14 18:49 2,923,520 ----a-w C:\Windows\explorer.exe
2007-11-14 18:49 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2007-11-14 18:49 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
2007-11-14 18:49 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
2007-11-12 23:00 --------- d-----w C:\Users\Josh\AppData\Roaming\Media Player Classic
2007-11-06 17:01 --------- d-----w C:\Program Files\iTunes
2007-11-06 17:00 --------- d-----w C:\Program Files\iPod
2007-11-06 16:55 --------- d-----w C:\Program Files\QuickTime
2007-11-02 19:59 --------- d-----w C:\ProgramData\Microsoft Help
2007-10-29 15:41 --------- d-----w C:\ProgramData\Kaspersky Lab
2007-10-26 18:50 --------- d-----w C:\Program Files\Sun
2007-10-26 18:50 --------- d-----w C:\Program Files\Java
2007-10-26 18:44 --------- d-----w C:\Program Files\Common Files\Java
2007-10-26 18:08 --------- d-----w C:\Users\Josh\AppData\Roaming\SUPERAntiSpyware.com
2007-10-26 18:08 --------- d-----w C:\Program Files\SUPERAntiSpyware
2007-10-26 18:08 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-10-26 18:04 --------- d-----w C:\Program Files\Winamp
2007-10-15 21:05 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com
2007-10-11 14:15 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-10-11 14:14 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-10-11 14:14 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-10-11 14:14 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-10-11 14:12 84,480 ----a-w C:\Windows\System32\INETRES.dll
2007-10-11 14:12 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2007-10-11 14:11 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
2007-09-28 16:07 129,784 ------w C:\Windows\System32\PxAFS.DLL
2007-09-26 13:17 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2007-09-26 13:17 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2007-09-26 13:17 39,936 ----a-w C:\Windows\System32\slcinst.dll
2007-09-26 13:17 351,232 ----a-w C:\Windows\System32\SLUI.exe
2007-09-26 13:17 33,280 ----a-w C:\Windows\System32\slwmi.dll
2007-09-26 13:17 268,288 ----a-w C:\Windows\System32\mcbuilder.exe
2007-09-26 13:17 223,232 ----a-w C:\Windows\System32\SLC.dll
2007-09-26 13:17 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe
2007-09-26 13:17 186,368 ----a-w C:\Windows\System32\SLLUA.exe
2007-09-17 18:23 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2007-09-17 18:23 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2007-09-17 18:22 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2007-09-17 18:22 739,840 ----a-w C:\Windows\System32\DivX.dll
2007-09-17 13:17 174 --sha-w C:\Program Files\desktop.ini
2007-09-17 12:27 88,576 ----a-w C:\Windows\System32\avifil32.dll
2007-09-17 12:27 82,944 ----a-w C:\Windows\System32\mciavi32.dll
2007-09-17 12:27 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr
2007-09-17 12:27 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
2007-09-17 12:27 69,632 ----a-w C:\Windows\System32\sendmail.dll
2007-09-17 12:27 65,024 ----a-w C:\Windows\System32\avicap32.dll
2007-09-17 12:27 61,440 ----a-w C:\Windows\System32\ntprint.exe
2007-09-17 12:27 31,232 ----a-w C:\Windows\System32\msvidc32.dll
2007-09-17 12:27 269,824 ----a-w C:\Windows\System32\schannel.dll
2007-09-17 12:27 220,160 ----a-w C:\Windows\System32\ntprint.dll
2007-09-17 12:27 123,904 ----a-w C:\Windows\System32\msvfw32.dll
2007-09-17 12:27 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll
2007-09-17 12:27 12,800 ----a-w C:\Windows\System32\msrle32.dll
2007-09-17 12:27 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll
2007-09-17 12:27 1,984,512 ----a-w C:\Windows\System32\authui.dll
2007-09-13 12:44 8,192 ----a-w C:\Windows\System32\riched32.dll
2007-09-13 12:44 77,824 ----a-w C:\Windows\System32\rascfg.dll
2007-09-13 12:44 694,784 ----a-w C:\Windows\System32\localspl.dll
2007-09-13 12:44 52,736 ----a-w C:\Windows\System32\rasdiag.dll
2007-09-13 12:44 384,000 ----a-w C:\Windows\System32\netcfgx.dll
2007-09-13 12:44 36,864 ----a-w C:\Windows\System32\cdd.dll
2007-09-13 12:44 33,280 ----a-w C:\Windows\System32\traffic.dll
2007-09-13 12:44 32,768 ----a-w C:\Windows\System32\rasmxs.dll
2007-09-13 12:44 286,208 ----a-w C:\Windows\System32\ipnathlp.dll
2007-09-13 12:44 22,016 ----a-w C:\Windows\System32\rasser.dll
2007-09-13 12:44 15,360 ----a-w C:\Windows\System32\pacerprf.dll
2007-09-13 12:44 134,656 ----a-w C:\Windows\System32\dps.dll
2007-09-13 12:44 13,824 ----a-w C:\Windows\System32\wshqos.dll
2007-09-13 12:44 13,824 ----a-w C:\Windows\System32\icsunattend.exe
2007-09-13 12:42 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2007-09-13 12:42 61,952 ----a-w C:\Windows\System32\cmifw.dll
2007-09-13 12:42 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2007-09-13 12:42 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2007-09-13 12:42 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2007-09-13 12:42 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2007-09-13 12:41 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2007-09-13 12:41 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 10:09]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingD1857"="cmd /c del C:\Windows\System32\drivers\core.sys" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="" []
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-27 17:35]
"SigmatelSysTrayApp"="sttray.exe" [2007-03-06 13:37 C:\Windows\sttray.exe]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [2007-03-21 12:33]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 09:37]
"MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe" [2007-01-17 15:30]
"dscactivate"="c:\dell\dsca.exe" [2007-07-30 12:40]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-03-16 03:20]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-03 00:45]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-14 15:22]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 21:46]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-06-05 07:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 09:35]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 20:05:26]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-09-03 00:23:40]
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe [2007-07-20 16:13:26]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys
S2 0199771197306031mcinstcleanup;McAfee Application Installer Cleanup (0199771197306031);C:\Windows\TEMP\019977~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\INSTALL.EXE id=10000000000063000001 ver=1.0.0.0

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13658ea3-7803-11dc-b697-001c238cafdc}]
\shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5094706b-9dd5-11dc-ac88-001c238cafdc}]
\shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87b746bc-7d96-11dc-b4b7-001c238cafdc}]
\shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb67a5ab-6c61-11dc-9459-001c238cafdc}]
\shell\AutoRun\command - H:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
"2007-09-03 07:53:07 C:\Windows\Tasks\McDefragTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe'
"2007-09-03 07:53:07 C:\Windows\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-13 10:24:49
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-13 10:25:50
C:\ComboFix-quarantined-files.txt ... 2007-10-08 12:06
C:\ComboFix2.txt ... 2007-10-08 12:07
.
2007-12-12 21:56:45 --- E O F ---



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32:27 AM, on 12/13/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Windows\system32\taskeng.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Windows Mail\WinMail.exe
c:\program files\mcafee\msc\mcuimgr.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hjt\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingD1857] cmd /c del "C:\Windows\System32\drivers\core.sys"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{66653953-F40D-4C08-B072-202AA0382CA2}: NameServer = 153.90.2.15,153.90.2.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0199771197306031) (0199771197306031mcinstcleanup) - Unknown owner - C:\Windows\TEMP\019977~1.EXE (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10296 bytes

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:00 AM

Posted 14 December 2007 - 04:21 PM

Everything looks clean here. There is one entry from spybot that did not seem to complete. Please reboot and post a brand new hjt log.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users