Hi, here is the ComboFix logComboFix 08-12-20.05 - Kevin 2008-12-21 18:59:52.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1460 [GMT 0:00]
Running from: c:\documents and settings\Kevin\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Kevin\Desktop\CFScript.txt
* Created a new restore point
FILE ::
c:\windows\Tasks\zuwbeheu.job
c:\windows\Taskscwuqinw.job
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Tasks\zuwbeheu.job
.
((((((((((((((((((((((((( Files Created from 2008-11-21 to 2008-12-21 )))))))))))))))))))))))))))))))
.
2008-12-21 16:01 . 2008-12-21 16:01 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-21 16:01 . 2008-12-21 16:01 <DIR> d-------- c:\documents and settings\Kevin\Application Data\Malwarebytes
2008-12-21 16:01 . 2008-12-21 16:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-21 16:01 . 2008-12-03 19:59 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-21 16:01 . 2008-12-03 19:59 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-20 23:24 . 2008-12-20 23:27 <DIR> d-------- c:\program files\NoAdware
2008-12-20 22:33 . 2008-12-20 22:33 <DIR> d-------- c:\program files\Trend Micro
2008-12-20 22:20 . 2008-12-20 22:20 <DIR> d-------- c:\program files\SUPERAntiSpyware
2008-12-20 22:20 . 2008-12-20 22:20 <DIR> d-------- c:\documents and settings\Kevin\Application Data\SUPERAntiSpyware.com
2008-12-20 22:20 . 2008-12-20 22:20 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-20 22:19 . 2008-12-20 22:19 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-18 19:29 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll
2008-12-18 19:01 . 2008-12-18 19:34 140,158 --a------ c:\windows\system32vapps.xml
2008-12-18 19:00 . 2008-12-18 19:00 <DIR> d-------- c:\windowsview
2008-12-18 19:00 . 2007-10-04 08:14 356,352 --a------ c:\windows\system32vudisp.exe
2008-12-18 19:00 . 2007-10-04 08:14 17,525 --a------ c:\windows\system32vdisp.nvu
2008-12-18 18:59 . 2007-09-20 10:07 888,064 -ra------ c:\windows\system32\driversvnrm.sys
2008-12-18 18:59 . 2007-09-15 01:19 356,352 --a------ c:\windows\system32vunrm.exe
2008-12-18 18:59 . 2007-09-20 10:07 195,072 -ra------ c:\windows\system32\fdco1.dll
2008-12-18 18:59 . 2007-09-20 10:07 53,632 -ra------ c:\windows\system32\drivers\NVENETFD.sys
2008-12-18 18:59 . 2007-09-15 01:19 37,376 -ra------ c:\windows\system32vconrm.dll
2008-12-18 18:59 . 2007-09-20 10:07 22,016 -ra------ c:\windows\system32\driversvnetbus.sys
2008-12-18 18:59 . 2007-09-20 10:06 9,216 -ra------ c:\windows\system32\bdco1.dll
2008-12-18 18:59 . 2007-09-06 09:10 4,805 -ra------ c:\windows\system32vnrm.nvu
2008-12-18 18:48 . 2008-12-18 18:48 10,841 --a------ c:\windows\Ascd_tmp.ini
2008-12-18 18:38 . 2005-05-03 10:43 69,632 -r------- c:\windows\Alcmtr.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-21 18:41 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-12-21 18:34 3,478 ----a-w c:\documents and settings\Dawn\Application Data\wklnhst.dat
2008-12-20 15:08 6,630,440 ----a-w c:\windows\Internet Logs\tvDebug.zip
2008-11-19 19:31 --------- d-----w c:\program files\SpeedFan
2008-11-17 18:13 1,204 ----a-w c:\documents and settings\Katy\Application Data\wklnhst.dat
2008-11-09 19:48 --------- d-----w c:\program files\Audacity
2008-11-08 13:30 1,344 ----a-w c:\documents and settings\Kevin\Application Data\wklnhst.dat
2008-11-06 22:26 --------- d-----w c:\program files\Common Files\Vbox
2008-11-06 22:26 --------- d-----w c:\program files\Common Files\Adobe
2008-11-06 22:24 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-02 21:54 921,632 ----a-w C:\StiImg.dat
2008-10-31 21:32 --------- d-----w c:\documents and settings\Kevin\Application Data\ArcSoft
2008-10-31 21:26 --------- d-----w c:\program files\PC Camer@
2008-10-31 21:26 --------- d-----w c:\program files\Common Files\PCCamera
2008-10-30 22:31 --------- d-----w c:\program files\Common Files\ArcSoft
2008-10-30 22:30 --------- d-----w c:\program files\ArcSoft
2008-10-30 18:55 --------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard
2008-10-27 11:04 --------- d-----w c:\documents and settings\Dawn\Application Data\Apple Computer
2008-10-25 15:10 --------- d-----w c:\program files\GPLGS
2008-10-25 15:09 --------- d-----w c:\program files\Acro Software
2008-10-24 20:16 --------- d-----w c:\program files\Messenger Plus! Live
2008-10-24 20:16 --------- d-----w c:\program files\Circle Developement
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-17 17:32 2,028,544 ----a-w c:\windows\Internet Logs\xDB5.tmp
2008-10-16 20:38 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 14:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 14:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 14:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 14:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 14:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 14:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 14:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 14:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 14:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-03 10:02 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-09-30 16:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-06-06 16:47 604 ---ha-w c:\program files\STLL Notifier
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-04 1809648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2007-11-26 98304]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UdaterUI.exe" [2007-10-25 136512]
"Network Associates Error Reporting Service"="c:\program files\Common Files\Network Associates\TalkBack\TBMon.exe" [2003-10-07 147514]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"EPSON Stylus CX3600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 98304]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
"SkyTel"="SkyTel.EXE" [2007-08-03 c:\windows\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-27 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2007-10-04 c:\windows\system32wiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-07-15 113664]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogonotify\!SASWinLogon]
2008-12-03 14:56 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Teleca Shared\\CapabilityManager.exe"=
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2008-06-06 59904]
R1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-12-04 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-12-04 55024]
R3 PAC207;CamMaestro 3.01 DU PC Camera;c:\windows\system32\DRIVERS\pfc027.sys [2005-05-27 162304]
R3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-04 7408]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\DRIVERS\s716bus.sys [2008-08-07 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s716mdfl.sys [2008-08-07 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s716mdm.sys [2008-08-07 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s716mgmt.sys [2008-08-07 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\DRIVERS\s716nd5.sys [2008-08-07 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s716obex.sys [2008-08-07 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\DRIVERS\s716unic.sys [2008-08-07 98952]
S3 w200bus;Sony Ericsson W200 driver (WDM);c:\windows\system32\DRIVERS\w200bus.sys [2008-08-18 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;c:\windows\system32\DRIVERS\w200mdfl.sys [2008-08-18 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;c:\windows\system32\DRIVERS\w200mdm.sys [2008-08-18 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\w200mgmt.sys [2008-09-04 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\w200obex.sys [2008-09-03 86368]
.
Contents of the 'Scheduled Tasks' folder
2008-11-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
2008-12-21 c:\windows\Taskscwuqinw.job
- c:\windows\system32\rundll32.exe [2008-04-14 12:00]
.
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.google.co.uk/
IE: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: *.antimalwareguard.com
Trusted Zone: *.antispyexpert.com
Trusted Zone: *.avsystemcare.com
Trusted Zone: *.gomyhit.com
Trusted Zone: *.imageservr.com
Trusted Zone: *.onerateld.com
Trusted Zone: *.safetydownload.com
Trusted Zone: *.spyguardpro.com
Trusted Zone: *.storageguardsoft.com
Trusted Zone: *.trustedantivirus.com
Trusted Zone: *.virusremover2008.com
Trusted Zone: *.virusschlacht.com
c:\windows\Downloaded Program Files\RSGameLoader.dll - O16 -: RaptisoftGameLoader
hxxp://www.miniclip.com/games/hamsterball/en/raptisoftgameloader.cab
c:\windows\Downloaded Program Files\OSD28E7.OSD
c:\windows\Downloaded Program Files\igloader.dll - O16 -: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A}
hxxp://www.miniclip.com/igloader/igloader.CAB
c:\windows\Downloaded Program Files\igloader.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-21 19:04:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(684)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ZoneLabs\vsmon.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Network Associates\Common Framework\FrameworkService.exe
c:\program files\Network Associates\VirusScan\VsTskMgr.exe
c:\windows\system32vsvc32.exe
c:\windows\system32\PAStiSvc.exe
c:\program files\Network Associates\Common FrameworkaPrdMgr.exe
c:\program files\Network Associates\Common Framework\Mctray.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Completion time: 2008-12-21 19:07:24 - machine was rebooted [Kevin]
ComboFix-quarantined-files.txt 2008-12-21 19:07:21
ComboFix2.txt 2008-12-21 17:13:06
Pre-Run: 118,894,825,472 bytes free
Post-Run: 118,922,448,896 bytes free
223 --- E O F --- 2008-12-19 03:07:20
And the LopR report
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Kevin ( Administrator )
BOOT : Normal boot
Firewall : ZoneAlarm Firewall 8.0.065.000 (Activated)
C:\ (Local Disk) - NTFS - Total:153 Go (Free:110 Go)
D:\ (Local Disk) - NTFS - Total:232 Go (Free:182 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (USB)
M:\ (USB) - FAT - Total:1901 Mo (Free:1 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2008-12-21|19:25 )
--------------------\\ Listing folders in APPLIC~1
[2008-10-08|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008-09-30|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acoustica
[2008-11-18|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-06-06|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[2008-09-03|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[2008-09-03|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
[2008-06-11|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-06-11|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-10-17|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2008-10-30|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[2008-06-06|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[2008-12-21|16:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2008-06-06|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[2008-09-15|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-11-06|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-06-06|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[2008-06-21|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap
[2008-06-06|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sibelius Software
[2008-08-07|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[2008-12-20|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[2008-08-07|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[2008-10-08|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-12-21|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[2008-06-06|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-07-29|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-07-31|08:44] C:\DOCUME~1\Dawn\APPLIC~1\Adobe
[2008-10-27|11:04] C:\DOCUME~1\Dawn\APPLIC~1\Apple Computer
[2008-06-28|21:34] C:\DOCUME~1\Dawn\APPLIC~1\gtk-2.0
[2008-06-06|19:57] C:\DOCUME~1\Dawn\APPLIC~1\Identities
[2008-07-07|09:59] C:\DOCUME~1\Dawn\APPLIC~1\Juniper Networks
[2008-06-06|21:04] C:\DOCUME~1\Dawn\APPLIC~1\Macromedia
[2008-12-21|18:28] C:\DOCUME~1\Dawn\APPLIC~1\Microsoft
[2008-09-15|16:07] C:\DOCUME~1\Dawn\APPLIC~1\SecuROM
[2008-08-08|10:23] C:\DOCUME~1\Dawn\APPLIC~1\Sony Ericsson
[2008-09-15|16:08] C:\DOCUME~1\Dawn\APPLIC~1\SPORE
[2008-07-07|09:31] C:\DOCUME~1\Dawn\APPLIC~1\Sun
[2008-09-23|21:18] C:\DOCUME~1\Dawn\APPLIC~1\Teleca
[2008-10-04|11:25] C:\DOCUME~1\Dawn\APPLIC~1\U3
[2008-06-05|12:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2008-09-10|22:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sony Ericsson
[2008-09-10|22:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Teleca
[2008-11-16|15:34] C:\DOCUME~1\Katy\APPLIC~1\Adobe
[2008-06-06|19:38] C:\DOCUME~1\Katy\APPLIC~1\Identities
[2008-06-10|14:23] C:\DOCUME~1\Katy\APPLIC~1\Macromedia
[2008-10-07|15:14] C:\DOCUME~1\Katy\APPLIC~1\Microsoft
[2008-09-17|18:00] C:\DOCUME~1\Katy\APPLIC~1\SecuROM
[2008-08-09|18:21] C:\DOCUME~1\Katy\APPLIC~1\Sony Ericsson
[2008-09-17|18:01] C:\DOCUME~1\Katy\APPLIC~1\SPORE
[2008-08-03|19:48] C:\DOCUME~1\Katy\APPLIC~1\Sun
[2008-10-07|18:31] C:\DOCUME~1\Katy\APPLIC~1\Teleca
[2008-11-08|13:20] C:\DOCUME~1\Kevin\APPLIC~1\Adobe
[2008-07-29|08:33] C:\DOCUME~1\Kevin\APPLIC~1\Apple Computer
[2008-10-31|21:32] C:\DOCUME~1\Kevin\APPLIC~1\ArcSoft
[2008-06-05|12:31] C:\DOCUME~1\Kevin\APPLIC~1\Identities
[2008-06-05|12:36] C:\DOCUME~1\Kevin\APPLIC~1\InstallShield
[2008-06-06|15:51] C:\DOCUME~1\Kevin\APPLIC~1\Juniper Networks
[2008-06-06|17:03] C:\DOCUME~1\Kevin\APPLIC~1\Macromedia
[2008-12-21|16:01] C:\DOCUME~1\Kevin\APPLIC~1\Malwarebytes
[2008-09-26|13:39] C:\DOCUME~1\Kevin\APPLIC~1\Microsoft
[2008-06-06|19:06] C:\DOCUME~1\Kevin\APPLIC~1\PTC
[2008-07-06|14:39] C:\DOCUME~1\Kevin\APPLIC~1\RadLight Company
[2008-06-21|19:29] C:\DOCUME~1\Kevin\APPLIC~1\Raptisoft
[2008-11-06|17:26] C:\DOCUME~1\Kevin\APPLIC~1\Sibelius Software
[2008-08-07|21:29] C:\DOCUME~1\Kevin\APPLIC~1\Sony Ericsson
[2008-06-21|16:48] C:\DOCUME~1\Kevin\APPLIC~1\Sun
[2008-12-20|22:20] C:\DOCUME~1\Kevin\APPLIC~1\SUPERAntiSpyware.com
[2008-08-08|18:20] C:\DOCUME~1\Kevin\APPLIC~1\Teleca
[2008-06-22|19:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2008-06-05|12:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks
[2008-12-21 18:43][--a------] C:\WINDOWS\taskscwuqinw.job
[2008-11-12 17:20][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-21 19:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2008-04-14 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing Folders in C:\Program Files
[2008-09-30|17:08] C:\Program Files\Acoustica Mixcraft 4
[2008-09-30|17:00] C:\Program Files\Acoustica Shared Effects
[2008-10-25|15:09] C:\Program Files\Acro Software
[2008-11-06|22:24] C:\Program Files\Adobe
[2008-06-06|16:30] C:\Program Files\Ahead
[2008-09-03|20:07] C:\Program Files\AOL
[2008-07-08|18:49] C:\Program Files\Apple Software Update
[2008-10-30|22:30] C:\Program Files\ArcSoft
[2008-11-09|19:48] C:\Program Files\Audacity
[2008-08-09|19:36] C:\Program Files\Bethesda Softworks
[2008-06-18|11:43] C:\Program Files\BitLord
[2008-10-08|16:36] C:\Program Files\Bonjour
[2008-09-11|15:41] C:\Program Files\CamMaestro 3.01 DU PC Camera
[2008-10-24|20:16] C:\Program Files\Circle Developement
[2008-12-21|19:01] C:\Program Files\Common Files
[2008-06-05|12:25] C:\Program Files\ComPlus Applications
[2008-09-03|15:12] C:\Program Files\DAZ
[2008-09-08|17:46] C:\Program Files\DVDVideoSoft
[2008-06-14|10:17] C:\Program Files\EA GAMES
[2008-09-15|16:06] C:\Program Files\Electronic Arts
[2008-06-06|21:21] C:\Program Files\EPSON
[2008-06-18|18:54] C:\Program Files\GIMP-2.0
[2008-10-17|17:45] C:\Program Files\Google
[2008-10-25|15:10] C:\Program Files\GPLGS
[2008-06-09|17:31] C:\Program Files\Idigicon Limited
[2008-11-06|22:24] C:\Program Files\InstallShield Installation Information
[2008-12-19|17:14] C:\Program Files\Internet Explorer
[2008-10-08|16:38] C:\Program Files\iPod
[2008-10-08|16:38] C:\Program Files\iTunes
[2008-06-21|16:47] C:\Program Files\Java
[2008-12-21|16:01] C:\Program Files\Malwarebytes' Anti-Malware
[2008-08-12|18:20] C:\Program Files\Messenger
[2008-10-24|20:16] C:\Program Files\Messenger Plus! Live
[2008-07-29|10:37] C:\Program Files\MessengerPlus! 3
[2008-06-06|17:14] C:\Program Files\Microsoft ActiveSync
[2008-06-05|12:27] C:\Program Files\microsoft frontpage
[2008-10-14|15:14] C:\Program Files\microsoft money 2005
[2008-07-09|09:57] C:\Program Files\Microsoft Office
[2008-06-06|17:03] C:\Program Files\Microsoft Works
[2008-06-06|16:56] C:\Program Files\Microsoft Works Suite 2005
[2008-06-05|12:25] C:\Program Files\Movie Maker
[2008-06-11|19:29] C:\Program Files\MSN
[2008-06-05|12:24] C:\Program Files\MSN Gaming Zone
[2008-06-25|05:20] C:\Program Files\MSXML 4.0
[2008-06-05|12:26] C:\Program Files\NetMeeting
[2008-06-06|16:21] C:\Program Files\Network Associates
[2008-12-20|23:27] C:\Program Files\NoAdware
[2008-06-05|12:24] C:\Program Files\Online Services
[2008-06-05|12:26] C:\Program Files\Outlook Express
[2008-10-31|21:26] C:\Program Files\PC Camer@
[2008-09-10|16:47] C:\Program Files\PhotoScape
[2008-06-06|18:59] C:\Program Files\ProENGINEER Schools Edition
[2008-10-08|16:34] C:\Program Files\QuickTime
[2008-07-06|14:38] C:\Program Files\RadLight Company
[2008-06-05|12:43] C:\Program Files\Realtek
[2008-11-06|17:26] C:\Program Files\Sibelius Software
[2008-10-05|13:18] C:\Program Files\SmartAudioConverter
[2008-08-07|21:28] C:\Program Files\Sony Ericsson
[2008-11-19|19:31] C:\Program Files\SpeedFan
[2008-07-23|09:50] C:\Program Files\Springy
[2008-06-21|16:47] C:\Program Files\Sun
[2008-12-20|22:20] C:\Program Files\SUPERAntiSpyware
[2008-12-20|22:33] C:\Program Files\Trend Micro
[2008-06-05|12:31] C:\Program Files\Uninstall Information
[2008-07-06|15:02] C:\Program Files\VideoLAN
[2008-06-09|19:45] C:\Program Files\Windows Live
[2008-06-22|19:40] C:\Program Files\Windows Media Connect 2
[2008-06-22|19:44] C:\Program Files\Windows Media Player
[2008-06-05|12:24] C:\Program Files\Windows NT
[2008-06-05|12:26] C:\Program Files\WindowsUpdate
[2008-10-05|13:22] C:\Program Files\WMA-MP3.com
[2008-06-05|12:27] C:\Program Files\xerox
[2008-06-06|15:41] C:\Program Files\Zone Labs
--------------------\\ Listing Folders in C:\Program Files\Common Files
[2008-11-06|22:26] C:\Program Files\Common Files\Adobe
[2008-06-06|16:27] C:\Program Files\Common Files\Ahead
[2008-09-04|06:40] C:\Program Files\Common Files\AOL
[2008-10-08|16:32] C:\Program Files\Common Files\Apple
[2008-10-30|22:31] C:\Program Files\Common Files\ArcSoft
[2008-06-06|16:21] C:\Program Files\Common Files\Cisco Systems
[2008-09-03|15:10] C:\Program Files\Common Files\DAZ
[2008-06-06|17:14] C:\Program Files\Common Files\DESIGNER
[2008-09-08|17:46] C:\Program Files\Common Files\DVDVideoSoft
[2008-09-11|15:40] C:\Program Files\Common Files\InstallShield
[2008-06-21|16:46] C:\Program Files\Common Files\Java
[2008-10-05|13:23] C:\Program Files\Common Files\Microsoft Shared
[2008-06-05|12:26] C:\Program Files\Common Files\MSSoap
[2008-06-06|16:21] C:\Program Files\Common Files\Network Associates
[2008-06-05|13:16] C:\Program Files\Common Files\ODBC
[2008-10-31|21:26] C:\Program Files\Common Files\PCCamera
[2008-06-05|12:26] C:\Program Files\Common Files\Services
[2008-08-07|21:28] C:\Program Files\Common Files\Sony Ericsson Shared
[2008-06-05|13:16] C:\Program Files\Common Files\SpeechEngines
[2008-06-06|17:14] C:\Program Files\Common Files\System
[2008-08-07|21:30] C:\Program Files\Common Files\Teleca Shared
[2008-11-06|22:26] C:\Program Files\Common Files\Vbox
[2008-06-09|19:45] C:\Program Files\Common Files\WindowsLiveInstaller
[2008-12-20|22:19] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 47 Processes )
... OK !
--------------------\\ Searching with S_Lop
No Lop folder found !
--------------------\\ Searching for Lop Files - Folders
C:\Program Files\Circle Developement
C:\DOCUME~1\Kevin\Cookies\kevin@advertising[1].txt
--------------------\\ Searching within the Registry
..... OK !
--------------------\\ Checking the Hosts file
Hosts file CLEAN
--------------------\\ Searching for hidden files with Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-21 19:26:15
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Searching for other infections
No other infections found !
[F:29][D:1]-> C:\DOCUME~1\Kevin\LOCALS~1\Temp
[F:130][D:0]-> C:\DOCUME~1\Kevin\Cookies
[F:277][D:4]-> C:\DOCUME~1\Kevin\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 2008-12-21|19:26 - Option : [1]
--------------------\\ Scan completed at 19:26:55
And the HijackThis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:30, on 2008-12-21
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32vsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Network Associates\Common Framework\McTray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-us\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/games/hamsterball/en/raptisoftgameloader.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212772671768
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab?e=1214066843133&h=604f4c247564266db4d6a952f9e49da8/&filename=jinstall-6u6-windows-i586-jc.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://ukgateway.logica.com/dana-cached/setup/JuniperSetupSP1.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - McAfee, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32vsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9589 bytes
Thanks
Kevin
© 2008 Advanced PC Media LLC, all rights reserved. Tweaks.com is not affiliated with Microsoft.