ComboFix 08-07-26.1 - Administrator 2008-07-27 21:00:43.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.256 [GMT -4:00]
Running from: C:\Users\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Users\Administrator\Desktop\CFScript_used_2008-07-27@13.33.txt.lnk
.
((((((((((((((((((((((((( Files Created from 2008-06-28 to 2008-07-28 )))))))))))))))))))))))))))))))
.
2008-07-27 18:04 . 2008-07-27 18:30 <DIR> d-a------ C:\Users\All Users\TEMP
2008-07-27 18:04 . 2008-07-27 18:30 <DIR> d-a------ C:\PROGRA~2\TEMP
2008-07-27 18:02 . 2008-07-27 18:27 <DIR> d-------- C:\Program Files\Exterminate It!
2008-07-26 22:58 . 2008-07-26 22:58 268 --ah----- C:\sqmdata09.sqm
2008-07-26 22:58 . 2008-07-26 22:58 244 --ah----- C:\sqmnoopt09.sqm
2008-07-26 22:39 . 2008-07-27 03:52 168,728,112 --a------ C:\Windows\MEMORY.DMP
2008-07-26 22:13 . 2008-07-26 22:13 268 --ah----- C:\sqmdata08.sqm
2008-07-26 22:13 . 2008-07-26 22:13 244 --ah----- C:\sqmnoopt08.sqm
2008-07-26 21:07 . 2008-07-26 21:07 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-07-26 21:07 . 2008-07-26 21:07 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-26 21:07 . 2008-07-26 21:07 <DIR> d-------- C:\PROGRA~2\Malwarebytes
2008-07-26 21:07 . 2008-07-23 23:09 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-07-26 21:07 . 2008-07-23 23:09 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-07-26 20:55 . 2008-07-26 23:05 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2008-07-26 20:27 . 2008-07-26 20:27 <DIR> d-------- C:\Users\All Users\Yahoo! Companion
2008-07-26 20:27 . 2008-07-26 20:27 <DIR> d-------- C:\PROGRA~2\Yahoo! Companion
2008-07-26 20:23 . 2008-07-26 20:23 <DIR> d-------- C:\Program Files\OpenOffice.org 2.4
2008-07-26 20:10 . 2008-07-26 20:10 <DIR> d-------- C:\Users\All Users\Apple Computer
2008-07-26 20:10 . 2008-07-26 20:11 <DIR> d-------- C:\Program Files\QuickTime
2008-07-26 20:10 . 2008-07-26 20:10 <DIR> d-------- C:\PROGRA~2\Apple Computer
2008-07-26 20:09 . 2008-07-26 20:09 <DIR> d-------- C:\Users\All Users\Apple
2008-07-26 20:09 . 2008-07-26 20:09 <DIR> d-------- C:\Program Files\Apple Software Update
2008-07-26 20:09 . 2008-07-26 20:09 <DIR> d-------- C:\PROGRA~2\Apple
2008-07-26 17:04 . 2008-07-26 17:04 268 --ah----- C:\sqmdata07.sqm
2008-07-26 17:04 . 2008-07-26 17:04 244 --ah----- C:\sqmnoopt07.sqm
2008-07-26 16:48 . 2008-07-26 16:48 268 --ah----- C:\sqmdata06.sqm
2008-07-26 16:48 . 2008-07-26 16:48 244 --ah----- C:\sqmnoopt06.sqm
2008-07-26 16:13 . 2008-07-26 16:13 268 --ah----- C:\sqmdata05.sqm
2008-07-26 16:13 . 2008-07-26 16:13 244 --ah----- C:\sqmnoopt05.sqm
2008-07-26 14:21 . 2008-07-26 14:21 268 --ah----- C:\sqmdata04.sqm
2008-07-26 14:21 . 2008-07-26 14:21 244 --ah----- C:\sqmnoopt04.sqm
2008-07-26 14:13 . 2008-07-27 04:34 170,030 --a------ C:\Windows\System32\drivers\kmxcfg.u2k0
2008-07-26 14:13 . 2008-07-27 04:34 64 --a------ C:\Windows\System32\drivers\kmxcfg.u2k7
2008-07-26 14:13 . 2008-07-27 04:34 64 --a------ C:\Windows\System32\drivers\kmxcfg.u2k6
2008-07-26 14:13 . 2008-07-27 04:34 64 --a------ C:\Windows\System32\drivers\kmxcfg.u2k5
2008-07-26 14:13 . 2008-07-27 04:34 64 --a------ C:\Windows\System32\drivers\kmxcfg.u2k4
2008-07-26 14:13 . 2008-07-27 04:34 64 --a------ C:\Windows\System32\drivers\kmxcfg.u2k3
2008-07-26 14:13 . 2008-07-27 04:34 64 --a------ C:\Windows\System32\drivers\kmxcfg.u2k2
2008-07-26 14:13 . 2008-07-27 04:34 64 --a------ C:\Windows\System32\drivers\kmxcfg.u2k1
2008-07-26 00:58 . 2008-07-26 00:58 268 --ah----- C:\sqmdata03.sqm
2008-07-26 00:58 . 2008-07-26 00:58 244 --ah----- C:\sqmnoopt03.sqm
2008-07-26 00:36 . 2008-07-26 00:36 <DIR> d-------- C:\Windows\Sun
2008-07-26 00:35 . 2008-07-26 20:22 <DIR> d-------- C:\Program Files\Java
2008-07-26 00:34 . 2008-07-26 00:34 <DIR> d-------- C:\Program Files\Common Files\Java
2008-07-26 00:30 . 2008-07-26 00:30 <DIR> d-------- C:\Program Files\Yahoo!
2008-07-26 00:20 . 2008-07-26 00:20 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-26 00:16 . 2008-07-26 00:16 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-26 00:15 . 2008-07-26 00:19 <DIR> d-------- C:\Users\All Users\CA
2008-07-26 00:15 . 2008-07-26 00:15 <DIR> d-------- C:\Program Files\Common Files\Scanner
2008-07-26 00:15 . 2008-07-26 00:15 <DIR> d-------- C:\Program Files\CA
2008-07-26 00:15 . 2008-07-26 00:19 <DIR> d-------- C:\PROGRA~2\CA
2008-07-25 23:45 . 2008-07-25 23:45 268 --ah----- C:\sqmdata02.sqm
2008-07-25 23:45 . 2008-07-25 23:45 244 --ah----- C:\sqmnoopt02.sqm
2008-07-25 23:19 . 2008-07-25 23:19 <DIR> d-------- C:\Users\All Users\HP Product Assistant
2008-07-25 23:19 . 2008-07-25 23:19 <DIR> d-------- C:\PROGRA~2\HP Product Assistant
2008-07-25 23:17 . 2008-07-25 23:45 115,401 --a------ C:\Windows\hpgins21.dat
2008-07-25 23:17 . 2007-05-02 14:39 282 --------- C:\Windows\hpgmdl21.dat
2008-07-25 22:44 . 2008-07-25 22:44 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-07-25 22:31 . 2008-07-25 22:31 268 --ah----- C:\sqmdata01.sqm
2008-07-25 22:31 . 2008-07-25 22:31 244 --ah----- C:\sqmnoopt01.sqm
2008-07-25 22:30 . 2008-07-25 22:30 <DIR> d-------- C:\Program Files\Microsoft LifeCam
2008-07-25 22:29 . 2005-05-26 18:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2008-07-25 22:29 . 2008-07-25 22:29 268 --ah----- C:\sqmdata00.sqm
2008-07-25 22:29 . 2008-07-25 22:29 244 --ah----- C:\sqmnoopt00.sqm
2008-07-25 22:28 . 2008-07-25 22:28 <DIR> d-------- C:\Windows\PCHEALTH
2008-07-25 22:24 . 2008-07-25 22:10 144,701 --------- C:\Windows\hpwins16.dat.temp
2008-07-25 22:24 . 2007-10-24 23:00 1,162 --------- C:\Windows\hpwmdl16.dat.temp
2008-07-25 22:22 . 2008-07-25 22:28 <DIR> d-------- C:\Program Files\Windows Live
2008-07-25 22:22 . 2008-07-25 22:26 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-07-25 22:18 . 2008-07-25 22:22 <DIR> d-------- C:\Users\All Users\WLInstaller
2008-07-25 22:18 . 2008-07-25 22:18 <DIR> d-------- C:\Program Files\Common Files\Nova Development
2008-07-25 22:18 . 2008-07-25 22:22 <DIR> d-------- C:\PROGRA~2\WLInstaller
2008-07-25 22:17 . 2008-07-25 22:17 <DIR> d-------- C:\Program Files\Nova Development
2008-07-25 22:05 . 2008-07-25 22:05 <DIR> d-------- C:\Users\All Users\HPSSUPPLY
2008-07-25 22:05 . 2008-07-25 22:05 <DIR> d-------- C:\PROGRA~2\HPSSUPPLY
2008-07-25 22:04 . 2008-07-25 23:20 <DIR> d-------- C:\Program Files\Common Files\HP
2008-07-25 22:03 . 2008-07-25 22:03 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-07-25 22:02 . 2008-07-25 22:02 <DIR> d-------- C:\Users\All Users\Hewlett-Packard
2008-07-25 22:02 . 2008-07-25 22:02 <DIR> d-------- C:\PROGRA~2\Hewlett-Packard
2008-07-25 22:02 . 2007-10-25 11:35 258,048 --a------ C:\Windows\System32\hpzids01.dll
2008-07-25 22:02 . 2007-10-29 20:14 117,760 --a------ C:\Windows\System32\hpzll4xl.dll
2008-07-25 22:01 . 2008-07-25 22:01 <DIR> d-------- C:\Windows\zhenghe2
2008-07-25 22:01 . 2007-10-25 11:38 675,840 --a------ C:\Windows\System32\hpowiax4.dll
2008-07-25 22:01 . 2007-10-25 11:38 569,344 --a------ C:\Windows\System32\hpotscl4.dll
2008-07-25 22:01 . 2007-10-25 11:38 294,912 --a------ C:\Windows\System32\hpovst11.dll
2008-07-25 22:00 . 2008-07-25 23:42 <DIR> d-------- C:\Users\All Users\HP
2008-07-25 22:00 . 2008-07-25 23:42 <DIR> d-------- C:\PROGRA~2\HP
2008-07-25 22:00 . 2008-07-27 20:42 144,119 --a------ C:\Windows\hpwins16.dat
2008-07-25 21:56 . 2008-07-27 00:28 <DIR> dr------- C:\Users\Administrator\Contacts
2008-07-25 21:36 . 2008-07-25 21:36 8,192 --a------ C:\Windows\System32\riched32.dll
2008-07-25 21:34 . 2008-07-25 21:34 205,824 --a------ C:\Windows\System32\msoeacct.dll
2008-07-25 21:34 . 2008-07-25 21:34 87,040 --a------ C:\Windows\System32\msoert2.dll
2008-07-25 21:34 . 2008-07-25 21:34 39,424 --a------ C:\Windows\System32\ACCTRES.dll
2008-07-25 21:32 . 2008-07-25 21:32 194,560 --a------ C:\Windows\System32\WebClnt.dll
2008-07-25 21:32 . 2008-07-25 21:32 110,080 --a------ C:\Windows\System32\drivers\mrxdav.sys
2008-07-25 21:31 . 2008-07-25 21:31 376,320 --a------ C:\Windows\System32\winsrv.dll
2008-07-25 21:31 . 2008-07-25 21:31 49,664 --a------ C:\Windows\System32\csrsrv.dll
2008-07-25 21:26 . 2008-07-25 21:26 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-07-25 21:26 . 2008-07-25 21:26 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-07-25 21:24 . 2008-07-25 21:24 414,208 --a------ C:\Windows\System32\msscp.dll
2008-07-25 21:20 . 2008-07-25 21:20 3,504,696 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-07-25 21:20 . 2008-07-25 21:20 3,470,392 --a------ C:\Windows\System32\ntoskrnl.exe
2008-07-25 21:20 . 2008-07-25 21:20 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
2008-07-25 21:20 . 2008-07-25 21:20 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-07-25 21:20 . 2008-07-25 21:20 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
2008-07-25 21:20 . 2008-07-25 21:20 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
2008-07-25 21:20 . 2008-07-25 21:20 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
2008-07-25 21:20 . 2008-07-25 21:20 15,928 --a------ C:\Windows\System32\drivers\pciide.sys
2008-07-25 21:19 . 2008-07-25 21:19 1,191,936 --a------ C:\Windows\System32\msxml3.dll
2008-07-25 21:19 . 2008-07-25 21:19 104,448 --a------ C:\Windows\System32\DWWIN.EXE
2008-07-25 21:19 . 2008-07-25 21:19 2,048 --a------ C:\Windows\System32\msxml3r.dll
2008-07-25 21:17 . 2008-07-25 21:17 806,400 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-07-25 21:17 . 2008-07-25 21:17 217,144 --a------ C:\Windows\System32\drivers\netio.sys
2008-07-25 21:17 . 2008-07-25 21:17 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
2008-07-25 21:17 . 2008-07-25 21:17 24,064 --a------ C:\Windows\System32\netcfg.exe
2008-07-25 21:17 . 2008-07-25 21:17 22,016 --a------ C:\Windows\System32\netiougc.exe
2008-07-25 21:11 . 2008-07-25 21:11 1,585,664 --a------ C:\Windows\System32\setupapi.dll
2008-07-25 21:09 . 2008-07-25 21:09 2,027,008 --a------ C:\Windows\System32\win32k.sys
2008-07-25 21:09 . 2008-07-25 21:09 223,232 --a------ C:\Windows\System32\WMASF.DLL
2008-07-25 21:09 . 2008-07-25 21:09 9,728 --a------ C:\Windows\System32\LAPRXY.DLL
2008-07-25 21:09 . 2008-07-25 21:09 2,048 --a------ C:\Windows\System32\asferror.dll
2008-07-25 21:08 . 2008-07-25 21:08 296,448 --a------ C:\Windows\System32\gdi32.dll
2008-07-25 21:08 . 2008-07-25 21:08 268,288 --a------ C:\Windows\System32\mcbuilder.exe
2008-07-25 21:08 . 2008-07-25 21:08 223,232 --a------ C:\Windows\System32\SLC.dll
2008-07-25 21:08 . 2008-07-25 21:08 33,280 --a------ C:\Windows\System32\slwmi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-07-26 04:21 880,560 ----a-w C:\Windows\system32\drivers\vetefile.sys
2008-07-26 04:21 108,368 ----a-w C:\Windows\system32\drivers\veteboot.sys
2008-07-26 01:56 174 --sha-w C:\Program Files\desktop.ini
2008-07-26 01:50 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-26 01:50 --------- d-----w C:\Program Files\Windows Mail
2008-07-26 01:50 --------- d-----w C:\Program Files\Windows Defender
2008-07-26 01:50 --------- d-----w C:\Program Files\Windows Calendar
2008-07-26 01:33 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-07-26 01:23 86,016 ----a-w C:\Windows\System32\icfupgd.dll
2008-07-26 01:23 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2008-07-26 01:23 7,680 ----a-w C:\Windows\System32\spwmp.dll
2008-07-26 01:23 63,488 ----a-w C:\Windows\system32\drivers\mpsdrv.sys
2008-07-26 01:23 61,952 ----a-w C:\Windows\System32\cmifw.dll
2008-07-26 01:23 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2008-07-26 01:23 396,800 ----a-w C:\Windows\System32\MPSSVC.dll
2008-07-26 01:23 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll
2008-07-26 01:23 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2008-07-26 01:23 23,040 ----a-w C:\Windows\system32\drivers\tunnel.sys
2008-07-26 01:23 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll
2008-07-26 01:23 16,896 ----a-w C:\Windows\System32\wfapigp.dll
2008-07-26 01:23 15,360 ----a-w C:\Windows\system32\drivers\TUNMP.SYS
2008-07-26 01:11 944,184 ----a-w C:\Windows\System32\winload.exe
2008-07-26 01:06 88,576 ----a-w C:\Windows\System32\avifil32.dll
2008-07-26 01:03 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-26 01:03 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-26 01:03 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-26 01:03 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-26 01:03 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-26 00:59 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-07-26 00:59 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-07-26 00:59 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-07-25 19:22 15,393 ----a-w C:\CSPU.DAT
2008-06-02 20:06 91,376 ----a-w C:\Windows\System32\isafprod.dll
2008-06-02 20:06 83,256 ----a-w C:\Windows\System32\vetredir.dll
2008-06-02 20:06 32,240 ----a-w C:\Windows\system32\drivers\vetmonnt.sys
2008-06-02 20:06 26,352 ----a-w C:\Windows\system32\drivers\vet-filt.sys
2008-06-02 20:06 21,488 ----a-w C:\Windows\system32\drivers\vetfddnt.sys
2008-06-02 20:06 21,104 ----a-w C:\Windows\system32\drivers\vet-rec.sys
2008-06-02 20:05 99,568 ----a-w C:\Windows\System32\isafeif.dll
.
((((((((((((((((((((((((((((( snapshot@2008-07-27_ 2.22.15.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-10-21 03:02:28 163,328 ----a-w C:\Windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w C:\Windows\erdnt\Hiv-backup\ERDNT.EXE
- 2000-08-31 15:00:00 28,672 ----a-w C:\Windows\Nircmd.exe
+ 2000-08-31 12:00:00 28,672 ----a-w C:\Windows\Nircmd.exe
- 2008-07-27 08:35:50 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-07-28 00:26:56 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-07-27 08:35:50 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-07-28 00:26:56 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-07-27 08:42:02 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-07-28 00:38:52 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-07-28 00:38:52 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-07-27 08:41:57 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-07-28 00:38:47 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-07-28 00:38:47 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2000-08-31 15:00:00 161,792 ----a-w C:\Windows\swreg.exe
+ 2000-08-31 12:00:00 161,792 ----a-w C:\Windows\swreg.exe
- 2008-07-27 08:35:52 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-07-28 00:32:26 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-07-27 08:35:52 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-28 00:32:26 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-07-27 08:35:52 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-07-28 00:32:26 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-07-27 08:47:36 104,024 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-07-28 00:35:46 104,024 ----a-w C:\Windows\System32\perfc009.dat
- 2008-07-27 08:47:36 618,648 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-07-28 00:35:46 618,648 ----a-w C:\Windows\System32\perfh009.dat
+ 2007-10-30 00:13:28 273,920 ----a-w C:\Windows\System32\spool\prtprocs\w32x86\1_hpzpp4xl.dll
- 2008-07-27 08:42:32 3,166 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4169441481-2603066522-925256194-500_UserData.bin
+ 2008-07-28 00:31:58 3,544 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4169441481-2603066522-925256194-500_UserData.bin
- 2008-07-27 08:42:31 53,902 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-07-28 00:31:57 54,568 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-07-25 21:04 1232896]
"Chatango"="C:\Program Files\Chatango\Chatango.exe" [2008-02-05 00:18 356352]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-04-17 19:27 9117696]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 14:34 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 08:36 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-02-26 15:26 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-02-26 15:26 7770112]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-02-26 15:26 81920]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 23:36 827392]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-03-12 00:34 49152]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-26 12:59 1235736]
"ReminderApp"="C:\Program Files\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe" [2006-11-02 14:21 156160]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 17:45 279912]
"VX1000"="C:\Windows\vVX1000.exe" [2007-04-10 17:46 709992]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [2008-05-07 19:39 181512]
"CAVRID"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [2008-06-02 16:06 234736]
"QOELOADER"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe" [2008-07-26 00:16 14088]
"cafw"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" [2008-04-04 18:46 771336]
"capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" [2008-04-04 18:46 173320]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 07:27 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 13:50 413696]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-04-17 19:27 9117696]
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-01-03 00:40:10 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{1869181A-9F50-4FCF-8BFF-1B8588ECB85C}"= "C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\WebsiteInspector\LinkAdvisor\CIDLinkAdvisor.dll" [2007-10-16 00:40 1373624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
2007-05-18 16:30 79368 C:\Windows\System32\UmxWNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\CA Personal Firewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1CAF1FEC-9869-4F2C-A127-48627AA0634B}"= C:\Program Files\AVG\AVG8\avgemc.exe:avgemc.exe
"{FBC0090A-5EED-43E2-81F8-C389AC3704E1}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{7B7A8C7D-04D7-4F2D-B465-556DBBA945EC}"= C:\Program Files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{14BC5645-DFCB-4C26-9FFB-002910199183}"= C:\Program Files\MySpace\IM\MySpaceIM.exe:MySpaceIM
"{60D1E569-E04B-4F78-8C0C-0532EAB2831C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{9D80922A-D75F-4AFB-9221-BE9DB51235D3}"= UDP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{D4B6A733-D054-4799-BD2A-27BB05E40B19}"= TCP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{279EB2AA-2964-40E7-A75C-2505A6CC669A}"= UDP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{8C0B3213-F2EC-4DBD-85CA-AD96D436D853}"= TCP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 AvgRkx86;avgrkx86.sys;C:\Windows\system32\Drivers\avgrkx86.sys [2008-07-25 20:43]
R0 KmxFw;KmxFw;C:\Windows\system32\DRIVERS\kmxfw.sys [2007-10-18 17:21]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-07-26 12:59]
R1 KmxAgent;KmxAgent;C:\Windows\system32\DRIVERS\kmxagent.sys [2007-05-18 16:30]
R1 KmxFile;KmxFile;C:\Windows\system32\DRIVERS\KmxFile.sys [2007-05-18 16:30]
R1 KmxFilter;HIPS Core Filter Driver;C:\Windows\system32\DRIVERS\KmxFilter.sys [2007-10-18 13:24]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-07-26 12:59]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-26 12:59]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-07-26 12:59]
R2 KmxCF;KmxCF;C:\Windows\system32\DRIVERS\KmxCF.sys [2007-10-18 13:24]
R2 KmxSbx;KmxSbx;C:\Windows\system32\DRIVERS\KmxSbx.sys [2007-11-02 15:09]
R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 17:45]
R2 UmxAgent;HIPS Event Manager;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe [2007-10-18 13:24]
R2 UmxCfg;HIPS Configuration Interpreter;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe [2007-10-18 13:24]
R2 UmxPol;HIPS Policy Manager;C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe [2007-05-18 16:30]
R3 AvgWfpX;AVG8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-07-25 20:43]
R3 KmxCfg;KmxCfg;C:\Windows\system32\DRIVERS\kmxcfg.sys [2007-09-13 18:15]
R3 PPCtlPriv;PPCtlPriv;C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe [2008-04-10 13:39]
R3 VX1000;VX-1000;C:\Windows\system32\DRIVERS\VX1000.sys [2007-04-10 17:46]
S3 FBIKB_NT;FBIKB_NT;C:\Windows\system32\Drivers\FBIKB_NT.Sys [2005-09-01 12:40]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
************************************************** ************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-07-27 21:38:00
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
************************************************** ************************
.
Completion time: 2008-07-27 21:50:27
ComboFix-quarantined-files.txt 2008-07-28 01:42:39
ComboFix2.txt 2008-07-27 18:37:28
ComboFix3.txt 2008-07-27 09:30:39
Pre-Run: 1,703,948,288 bytes free
Post-Run: 1,779,933,184 bytes free
318 --- E O F --- 2008-07-26 21:51:20
*Combofix log*
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:44:00 PM, on 7/27/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe
C:\Windows\vVX1000.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Chatango\Chatango.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Flock\flock\flock.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: CA Toolbar Helper - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\WebsiteInspector\Toolbar\CallingIDIE.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\WebsiteInspector\Toolbar\CallingIDIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ReminderApp] C:\Program Files\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe"
O4 - HKLM\..\Run: [cafw] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Chatango] C:\Program Files\Chatango\Chatango.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_extensions.dll
O13 - Gopher Prefix:
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) -
http://cdn.scan.onecare.live.com/res.../wlscctrl2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9773 bytes
Hijackthis log