ComboFix 10-01-30.07 - Owner 31/01/2010 17:19:41.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2038.1436 [GMT 0:00]
Running from: c:\documents and settings\Owner\My Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Owner\Application Data\SystemProc
C:\LOG.TXT
c:\program files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}
c:\program files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul
c:\program files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-31 )))))))))))))))))))))))))))))))
.
2010-01-31 16:32 . 2010-01-31 16:32 178688 --sha-w- c:\documents and settings\Owner\Local Settings\Application Data\av.exe
2010-01-24 09:41 . 2010-01-24 09:42 -------- d-----w- c:\documents and settings\Owner\Application Data\GetRightToGo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 20:41 . 2008-10-31 14:44 -------- d-----w- c:\documents and settings\Owner\Application Data\LimeWire
2010-01-12 06:20 . 2008-09-08 15:55 -------- d-----w- c:\program files\World of Warcraft
2010-01-05 04:53 . 2009-12-05 02:04 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-01 05:09 . 2010-01-01 05:09 36884 ---ha-w- c:\windows\system32\mlfcache.dat
2010-01-01 03:53 . 2008-09-27 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-12-29 14:02 . 2009-12-29 01:36 118256 ----a-w- c:\windows\system32\R-EJ-O-_0tQK.exe
2009-12-27 20:10 . 2008-10-06 17:52 -------- d-----w- c:\documents and settings\Owner\Application Data\Skype
2009-12-27 19:46 . 2008-10-06 17:58 -------- d-----w- c:\documents and settings\Owner\Application Data\skypePM
2009-12-26 05:24 . 2009-12-26 05:24 1191936 ----a-w- c:\windows\system32\z2b4kwnD4.dll
2009-12-15 00:37 . 2008-09-14 12:13 -------- d-----w- c:\documents and settings\Owner\Application Data\dvdcss
2009-12-11 21:17 . 2009-12-08 17:48 78596 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-12-11 21:17 . 2009-12-08 17:48 5788192 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-11 21:17 . 2009-12-08 17:48 11492 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-12-11 21:17 . 2009-12-08 17:48 111136 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-12-11 20:54 . 2009-12-08 17:15 -------- d-----w- c:\program files\Common Files\ParetoLogic
2009-12-11 20:54 . 2009-12-08 17:15 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2009-12-11 20:32 . 2009-12-08 01:16 -------- d-sh--w- c:\documents and settings\Owner\Application Data\System
2009-12-11 19:40 . 2009-10-14 16:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-11 19:39 . 2009-12-11 19:39 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-09 05:17 . 2009-12-08 01:21 120 ----a-w- c:\windows\Ifeseyojiyedoh.dat
2009-12-09 00:49 . 2009-12-08 01:21 0 ----a-w- c:\windows\Twupewoqanedev.bin
2009-12-08 17:49 . 2009-12-08 17:49 125952 ----a-w- c:\documents and settings\All Users\Application Data\ParetoLogic\UUS2\Temp\Update.exe
2009-12-08 17:15 . 2009-12-08 17:15 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic Anti-Virus PLUS
2009-12-08 02:36 . 2009-12-08 01:18 -------- d-----w- c:\documents and settings\All Users\Application Data\a78badf
2009-12-08 01:18 . 2009-12-08 01:18 -------- d-sh--w- c:\documents and settings\All Users\Application Data\WSKJPIQD_APDM
2009-12-08 01:16 . 2009-12-08 01:16 -------- d-----w- c:\documents and settings\Owner\Application Data\Mozilla Firefox
2009-12-05 02:03 . 2009-12-05 02:03 -------- d-----w- c:\program files\Easy CD-DA Extractor 12
2009-12-05 02:03 . 2009-12-05 02:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Easy CD-DA Extractor
2009-12-03 16:14 . 2009-10-14 16:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 16:13 . 2009-10-14 16:14 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-21 16:36 . 2006-04-30 06:55 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 13:37 . 2008-07-26 11:28 43536 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-06 13:49 . 2009-12-08 01:18 457688 ----a-w- c:\documents and settings\All Users\Application Data\a78badf\sqlite3.dll
2009-11-06 13:49 . 2009-12-08 01:18 722392 ----a-w- c:\documents and settings\All Users\Application Data\a78badf\mozcrt19.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f6e5180e-0c46-e5c9-9406-a1ccd9357ffb}]
2009-12-26 05:24 1191936 ----a-w- c:\windows\system32\z2b4kwnD4.dll
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HallsLogon_Old_New_S.exe [2008-7-4 937984]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ATFUS]
2007-05-31 20:57 155648 ----a-w- c:\windows\system32\FpWinlogonNp.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-03 11:51 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2006-12-14 02:06 28672 ------w- c:\program files\Lenovo\HOTKEY\tphklock.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HallsLogon_Old_New_S.exe]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HallsLogon_Old_New_S.exe
backup=c:\windows\pss\HallsLogon_Old_New_S.exeCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FingerPrintSoftware]
c:\program files\Lenovo Fingerprint Software\fpapp.exe \s [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2006-08-30 07:40 89542 ------w- c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
2007-02-01 18:00 439856 ------w- c:\program files\ThinkVantage\AMSG\Amsg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
2009-12-11 17:21 2043160 ----a-w- c:\progra~1\AVG\AVG8\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch]
2006-11-07 10:51 91688 ------w- c:\program files\Lenovo\AwayTask\AwaySch.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2007-08-23 07:36 53248 ------w- c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2007-11-16 19:20 91432 ------r- c:\program files\CyberLink\Shared files\brs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-28 02:03 152872 ------w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\btbb_McciTrayApp]
2007-11-01 03:39 1475072 ----a-w- c:\program files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\btbb_wcm_McciTrayApp]
2007-11-29 12:30 1474048 ----a-w- c:\program files\BT Broadband Desktop Help\btbb_wcm\McciTrayApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
2007-08-03 23:35 2630968 ------w- c:\program files\Lenovo\Client Security Solution\cssauth.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-04 12:00 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
2006-05-18 23:24 196696 ------w- c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-12-18 13:28 178712 ----a-w- c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-12-18 13:28 150040 ----a-w- c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 23:50 221184 ------w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 23:50 81920 ------w- c:\program files\Common Files\Installshield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-09-21 16:36 305440 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-10-11 19:06 62760 ------w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
2007-04-26 17:10 120368 ------w- c:\progra~1\Lenovo\LENOVO~2\LPMGR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 16:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 22:57 153136 ------w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmapp]
2007-03-14 22:42 321088 ------w- c:\program files\Pure Networks\Network Magic\nmapp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-12-18 13:28 150040 ----a-w- c:\windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMHandler]
2007-03-16 12:26 31840 ------w- c:\progra~1\Lenovo\PMDRIV~1\PMHandler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-05 01:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-10-28 16:35 72736 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-08-10 07:21 16384000 ----a-w- c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
2006-12-29 02:48 569344 ----a-w- c:\windows\vsnp2uvc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-06-10 03:27 144784 ------w- c:\program files\Java\jre1.6.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-05-19 05:51 774233 ------w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
2007-04-09 18:03 58416 ------w- c:\program files\Lenovo\NPDIRECT\tpfnf7sp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPWAUDAP]
2006-09-06 07:38 54824 ------w- c:\program files\Lenovo\HOTKEY\TpWAudAp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
2008-03-04 10:34 487424 ----a-w- c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-10-18 19:05 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\utorent.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"10622:TCP"= 10622:TCP:WaR1
"8040:TCP"= 8040:TCP:WaR2
"8041:TCP"= 8041:TCP:WaR3
"8042:TCP"= 8042:TCP:WaR4
"8043:TCP"= 8043:TCP:WaR4
"8044:TCP"= 8044:TCP:WaR5
"8045:TCP"= 8045:TCP:WaR6
"8046:TCP"= 8046:TCP:WaR7
"8047:TCP"= 8047:TCP:WaR8
"1024:UDP"= 1024:UDP:WaR10
"65535:UDP"= 65535:UDP:WaR11
"6881:TCP"= 6881:TCP:WaR12
"6882:TCP"= 6882:TCP:WaR13
"6883:TCP"= 6883:TCP:WaR13
"6884:TCP"= 6884:TCP:WaR14
"6885:TCP"= 6885:TCP:WaR15
"6886:TCP"= 6886:TCP:WaR16
"6887:TCP"= 6887:TCP:WaR17
"6888:TCP"= 6888:TCP:WaR18
"6889:TCP"= 6889:TCP:WaR19
"6969:TCP"= 6969:TCP:WaR16
"6881:UDP"= 6881:UDP:WaR20
"6882:UDP"= 6882:UDP:WaR21
"6883:UDP"= 6883:UDP:WaR22
"6884:UDP"= 6884:UDP:WaR23
"6885:UDP"= 6885:UDP:WaR24
"6886:UDP"= 6886:UDP:WaR25
"6887:UDP"= 6887:UDP:WaR26
"6888:UDP"= 6888:UDP:WaR27
"6889:UDP"= 6889:UDP:WaR28
"6969:UDP"= 6969:UDP:WaR29
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03/08/2009 11:51 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [03/08/2009 11:51 108552]
R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [24/05/2006 18:48 10240]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [03/08/2009 11:50 297752]
R2 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [22/06/2007 18:45 106496]
R2 FNF5SVC;Fn+F5 Service;c:\program files\Lenovo\HOTKEY\FnF5svc.exe [11/05/2007 02:22 54832]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [08/02/2007 20:11 569344]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22/05/2007 22:59 30336]
S1 egh15de;egh15de;c:\windows\system32\drivers\egh15de.sys --> c:\windows\system32\drivers\egh15de.sys [?]
S1 eklbcbe;eklbcbe;c:\windows\system32\drivers\eklbcbe.sys --> c:\windows\system32\drivers\eklbcbe.sys [?]
S1 ekmbb2e;ekmbb2e;c:\windows\system32\drivers\ekmbb2e.sys --> c:\windows\system32\drivers\ekmbb2e.sys [?]
S1 fgna207;fgna207;c:\windows\system32\drivers\fgna207.sys --> c:\windows\system32\drivers\fgna207.sys [?]
S1 mnp0fe2;mnp0fe2;c:\windows\system32\drivers\mnp0fe2.sys --> c:\windows\system32\drivers\mnp0fe2.sys [?]
S1 mstd742;mstd742;c:\windows\system32\drivers\mstd742.sys --> c:\windows\system32\drivers\mstd742.sys [?]
S1 oacb548;oacb548;c:\windows\system32\drivers\oacb548.sys --> c:\windows\system32\drivers\oacb548.sys [?]
S1 opr3fc8;opr3fc8;c:\windows\system32\drivers\opr3fc8.sys --> c:\windows\system32\drivers\opr3fc8.sys [?]
S1 pqd9b09;pqd9b09;c:\windows\system32\drivers\pqd9b09.sys --> c:\windows\system32\drivers\pqd9b09.sys [?]
S1 prd95b9;prd95b9;c:\windows\system32\drivers\prd95b9.sys --> c:\windows\system32\drivers\prd95b9.sys [?]
S1 sab45a8;sab45a8;c:\windows\system32\drivers\sab45a8.sys --> c:\windows\system32\drivers\sab45a8.sys [?]
S1 tbh8e29;tbh8e29;c:\windows\system32\drivers\tbh8e29.sys --> c:\windows\system32\drivers\tbh8e29.sys [?]
S3 kbeepm;kbeepm;\??\c:\docume~1\Owner\LOCALS~1\Temp\kbeepm.sys --> c:\docume~1\Owner\LOCALS~1\Temp\kbeepm.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2010-01-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://scanyourpc-onlinex.com/pr.cgi?id=2847
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} -
Sky.com - your home for the latest news, sport and entertainment
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\truj5vq4.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{61281789-a863-5613-fa76-21bfff233bff}\components\JCluyp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HijackThis - c:\documents and settings\Owner\My Documents\Downloads\HijackThis.exe