ComboFix 10-01-26.02 - Sonia Britt 01/27/2010 0:06.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.848 [GMT -8:00]
Running from: c:\documents and settings\Sonia Britt\Desktop\ComboFix.exe
AV: Webroot AntiVirus with Spy Sweeper *On-access scanning disabled* (Updated) {77E10C7F-2CCA-4187-9394-BDBC267AD597}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\s
c:\windows\patch.exe
c:\windows\system32\_003342_.tmp.dll
c:\windows\system32\_003499_.tmp.dll
c:\windows\system32\_003500_.tmp.dll
c:\windows\system32\_003501_.tmp.dll
c:\windows\system32\_003502_.tmp.dll
c:\windows\system32\11478.exe
c:\windows\system32\15724.exe
c:\windows\system32\18467.exe
c:\windows\system32\19169.exe
c:\windows\system32\26500.exe
c:\windows\system32\29358.exe
c:\windows\system32\6334.exe
.
((((((((((((((((((((((((( Files Created from 2009-12-27 to 2010-01-27 )))))))))))))))))))))))))))))))
.
2010-01-25 06:48 . 2010-01-25 06:48 -------- d-----w- c:\program files\Trend Micro
2010-01-25 06:41 . 2010-01-25 06:41 -------- d-----w- c:\program files\Common Files\Java
2010-01-25 06:40 . 2010-01-25 06:40 503808 ----a-w- c:\documents and settings\Sonia Britt\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-325a624f-n\msvcp71.dll
2010-01-25 06:40 . 2010-01-25 06:40 499712 ----a-w- c:\documents and settings\Sonia Britt\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-325a624f-n\jmc.dll
2010-01-25 06:40 . 2010-01-25 06:40 348160 ----a-w- c:\documents and settings\Sonia Britt\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-325a624f-n\msvcr71.dll
2010-01-25 06:40 . 2010-01-25 06:40 61440 ----a-w- c:\documents and settings\Sonia Britt\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e524a22-n\decora-sse.dll
2010-01-25 06:40 . 2010-01-25 06:40 12800 ----a-w- c:\documents and settings\Sonia Britt\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e524a22-n\decora-d3d.dll
2010-01-25 05:44 . 2010-01-25 05:44 -------- d-----w- c:\documents and settings\Sonia Britt\Application Data\Malwarebytes
2010-01-25 05:44 . 2010-01-08 00:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-25 05:44 . 2010-01-25 05:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-25 05:44 . 2010-01-08 00:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-25 05:43 . 2010-01-25 05:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-25 03:19 . 2010-01-25 03:19 52224 ----a-w- c:\documents and settings\Sonia Britt\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-01-25 03:18 . 2010-01-25 03:18 117760 ----a-w- c:\documents and settings\Sonia Britt\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-25 03:18 . 2010-01-25 03:18 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-01-25 03:18 . 2010-01-25 03:18 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-25 03:18 . 2010-01-25 03:18 -------- d-----w- c:\documents and settings\Sonia Britt\Application Data\SUPERAntiSpyware.com
2010-01-25 03:17 . 2010-01-25 03:17 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-25 03:04 . 2010-01-25 03:04 -------- d-----w- c:\program files\CCleaner
2010-01-20 19:48 . 2010-01-20 19:48 -------- d-----w- c:\documents and settings\Sonia Britt\Local Settings\Application Data\WMTools Downloaded Files
2010-01-17 08:18 . 2010-01-25 02:17 -------- d-----w- c:\program files\Paint.NET
2010-01-17 08:18 . 2010-01-22 06:12 -------- d-----w- c:\documents and settings\Sonia Britt\Local Settings\Application Data\Paint.NET
2010-01-12 19:13 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-06 23:38 . 2010-01-06 23:55 -------- d-----w- c:\documents and settings\Sonia Britt\Application Data\gtk-2.0
2010-01-06 23:36 . 2010-01-06 23:36 -------- d-----w- c:\documents and settings\Sonia Britt\.thumbnails
2010-01-06 23:29 . 2010-01-06 23:55 -------- d-----w- c:\documents and settings\Sonia Britt\.gimp-2.6
2009-12-28 16:00 . 2009-12-28 16:00 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-27 07:15 . 2009-06-12 23:32 -------- d-----w- c:\program files\Dl_cats
2010-01-25 06:39 . 2009-07-27 01:29 -------- d-----w- c:\program files\Java
2010-01-22 06:12 . 2009-09-02 03:54 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-15 14:47 . 2010-01-15 14:47 351128 ----a-w- c:\documents and settings\All Users\SPL1F.tmp
2010-01-07 02:54 . 2009-07-27 05:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-12-25 19:20 . 2009-12-25 19:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak
2009-12-25 19:20 . 2009-12-25 19:20 114688 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$Registration\KodakCameraAPI_8.0.20.1.dll
2009-12-25 19:01 . 2009-12-25 19:01 74268 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-25 18:45 . 2009-07-27 03:39 -------- d-----w- c:\documents and settings\Sonia Britt\Application Data\Apple Computer
2009-12-25 18:14 . 2009-12-25 18:12 -------- d-----w- c:\program files\iTunes
2009-12-25 18:14 . 2009-12-25 18:12 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-25 18:12 . 2009-06-20 00:51 -------- d-----w- c:\program files\iPod
2009-12-25 18:12 . 2009-12-25 18:05 -------- d-----w- c:\program files\Common Files\Apple
2009-12-25 18:11 . 2009-12-25 18:11 -------- d-----w- c:\program files\Bonjour
2009-12-25 18:11 . 2009-06-20 00:53 -------- d-----w- c:\program files\QuickTime
2009-12-25 18:10 . 2009-06-20 00:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-12-25 18:07 . 2009-12-25 18:06 -------- d-----w- c:\program files\Apple Software Update
2009-12-25 18:06 . 2009-12-25 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-12-21 19:14 . 2009-08-21 05:48 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 01:14 . 2009-07-27 01:31 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-07 02:08 . 2009-12-07 02:08 -------- d-----w- c:\documents and settings\Sonia Britt\Application Data\Motive
2009-12-02 07:05 . 2009-06-20 04:54 164 ----a-w- c:\windows\install.dat
2009-11-21 15:51 . 2009-08-21 05:46 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 03:22 . 2009-08-26 14:27 93104 ----a-w- c:\documents and settings\Sonia Britt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-13 01:07 . 2009-11-13 01:07 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-06 23:19 . 2009-06-20 04:59 1563008 ----a-w- c:\windows\WRSetup.dll
2009-11-06 20:00 . 2009-04-22 01:27 23152 ----a-w- c:\windows\system32\drivers\sshrmd.sys
2009-11-06 20:00 . 2009-04-22 01:27 176752 ----a-w- c:\windows\system32\drivers\ssidrv.sys
2009-11-06 20:00 . 2009-04-22 01:27 29808 ----a-w- c:\windows\system32\drivers\ssfs0bbc.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2009-05-13 22:34 238968 ----a-w- c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 926\memcard.exe" [2006-11-03 304008]
"FaxCenterServer"="c:\program files\Dell PC Fax\fm3032.exe" [2006-11-03 312200]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"IPInSightLAN 02"="c:\program files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" [2003-06-11 380928]
"IPInSightMonitor 02"="c:\program files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe" [2003-06-11 122880]
"Motive SmartBridge"="c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [2003-12-10 380928]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2005-10-19 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2005-10-19 126976]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-13 141600]
"DLCXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll" [2006-10-16 106496]
"SpySweeper"="c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe" [2009-11-06 6515784]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
SBC Self Support Tool.lnk - c:\program files\SBC Self Support Tool\bin\matcli.exe [2009-6-19 217088]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-05-27 04:06 4351216 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YPCService"=3 (0x3)
"YahooAUService"=2 (0x2)
"UPS"=3 (0x3)
"TrkWks"=2 (0x2)
"seclogon"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [4/21/2009 5:27 PM 29808]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [1/5/2010 7:56 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [1/5/2010 7:56 AM 74480]
R2 dlcx_device;dlcx_device;c:\windows\System32\dlcxcoms.exe -service --> c:\windows\System32\dlcxcoms.exe -service [?]
R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [6/19/2009 9:01 PM 1201640]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [1/5/2010 7:56 AM 7408]
--- Other Services/Drivers In Memory ---
*Deregistered* - IPVNMon
.
Contents of the 'Scheduled Tasks' folder
2010-01-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 20:34]
2010-01-21 c:\windows\Tasks\wrSpySweeper_L4FA34B730E214F0889C432E754B917ED.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-06-20 23:19]
2010-01-21 c:\windows\Tasks\wrSpySweeper_L4FA34B730E214F0889C432E754B917ED.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-06-20 23:19]
2010-01-26 c:\windows\Tasks\wrSpySweeper_L9F8596A488D4435983D3EE2F20776F10.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-06-20 23:19]
2010-01-26 c:\windows\Tasks\wrSpySweeper_L9F8596A488D4435983D3EE2F20776F10.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-06-20 23:19]
.
.
------- Supplementary Scan -------
.
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-PRISMSVR.EXE - c:\windows\System32\PRISMSVR.EXE
MSConfigStartUp-MSMSGS - c:\program files\Messenger\msmsgs.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-01-27 00:27
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(620)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
Completion time: 2010-01-27 00:30:08
ComboFix-quarantined-files.txt 2010-01-27 08:29
Pre-Run: 56,633,835,520 bytes free
Post-Run: 61,074,472,960 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 4DB09D48057267D51FF5E0F91DA4ACAA
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:46:12 AM, on 1/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\dlcxcoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\internet explorer\iexplore.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [dlcxmon.exe] "C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 926\memcard.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BJCFD] "C:\Program Files\BroadJump\Client Foundation\CFD.exe"
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] "C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe"
O4 - HKLM\..\Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DLCXCATS] "rundll32" C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249157477609O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabO16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) -
http://lads.myspace.com/upload/MySpaceUploader2.cabO16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) -
http://photos.yahoo.com/ocx/us/yexplorer1_9us.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcx_device - - C:\WINDOWS\System32\dlcxcoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (
www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
--
End of file - 7799 bytes