trojan-syp.win32.greenscreen [RESOLVED], removal help please
guevarache
post Aug 27 2008, 08:46 PM
Post #1


Member
Posts: 23
OS: xp



Hello, my computer got this virus and I can't seem to shake it. I tried Ad-Aware, CCleaner, Spybot and I am using Avast. I would like assistance in removing this please: trojan-syp.win32.greenscreen!! Here is my HijackThis log and uninstall list.
thanks
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:26:12 PM, on 8/27/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\kpqjcjqr\avorixmn.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\kfynovkp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\bfgclient\bfggameservices.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DbSet] C:\WINDOWS\system32\kfynovkp.exe
O4 - HKCU\..\Run: [procinfochk] C:\WINDOWS\system32\ifwlcpgd.exe
O4 - HKCU\..\Run: [mnthlpsmart] C:\WINDOWS\system32\ktqzatwr.exe
O4 - HKCU\..\Run: [CmdShWeb] C:\WINDOWS\system32\jqpsdepa.exe
O4 - HKCU\..\Run: [CfgAppApl] C:\WINDOWS\system32\tarmxmpg.exe
O4 - HKCU\..\Run: [StrDscCom] C:\WINDOWS\system32\rmfenoly.exe
O4 - HKLM\..\Policies\Explorer\Run: [qSzcJur7c1] C:\Documents and Settings\All Users\Application Data\kpqjcjqr\avorixmn.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatierControl Object) - http://aolsvc.aol.com/onlinegames/free-tri...eb.1.0.0.13.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://subway-12413.mydtt.com/cab/OCXChecker_8000.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} (DownloadFile Control) - http://subway-12413.mydtt.com/cab/DownloadFile_8100.cab
O16 - DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} (CPlayFirstDreamChronControl Object) - http://www.shockwave.com/content/dreamchro...eb.1.0.0.13.cab
O18 - Protocol: bw+0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: bxtcqg.dll
O21 - SSODL: InfoApi - {40E7D30F-1F19-3ED8-C5DC-0066240737B3} - C:\Program Files\icbcrke\InfoApi.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Jess\My Documents\My Pictures\New Folder\New Folder\0613071330-02.jpg
O24 - Desktop Component 1: (no name) - C:\Documents and Settings\Jess\My Documents\My Pictures\New Folder\New Folder\0402081543-00.jpg
O24 - Desktop Component 2: (no name) - C:\Documents and Settings\Jess\Desktop\kids 3.jpg
O24 - Desktop Component 3: (no name) - C:\Documents and Settings\Jess\Desktop\cait and logan (Medium).jpg
O24 - Desktop Component 4: (no name) - C:\Documents and Settings\Jess\My Documents\My Pictures\kids 2 (Small).jpg
O24 - Desktop Component 5: (no name) - C:\Documents and Settings\Jess\Desktop\kids 3 (Small).jpg

--
End of file - 21245 bytes
---------------------------------------
Ad-Aware
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.2
Adobe® Photoshop® Album Starter Edition 3.0
Apple Mobile Device Support
Apple Software Update
Ares 2.0.9
Ares Vista 3.0
avast! Antivirus
Big Fish Games Client
Build In Time
CCleaner (remove only)
CDDRV_Installer
Chocolatier (remove only)
Chocolatier 2 - Secret Ingredients (remove only)
Creative MediaSource 5
Creative Software AutoUpdate
Creative System Information
DTT OnSite MultiCam Remote
DTT OnSite MultiCast Client
DTT OnSite Remote ViewLog
EA Download Manager
ERUNT 1.1j
Forgotten Riddles: The Moonlight Sonatas
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Driver Diagnostics
HP Extended Capabilities 6.1
HP Image Zone 3.5
HP Imaging Device Functions 6.1
HP Photosmart Essential
HP PSC & OfficeJet 3.5
HP PSC & OfficeJet 6.1.A
HP Solution Center and Imaging Support Tools 6.1
HP Unload DLL Patch
HP Update
Ice Cream Tycoon
iDump (Backing up your iPod)
Image Resizer Powertoy for Windows XP
iTunes
Jane's Realty
Java™ 6 Update 4
Java™ 6 Update 5
Java™ 6 Update 7
Java™ SE Runtime Environment 6
KhalInstallWrapper
Logitech Desktop Messenger
Logitech Gaming Software
Logitech SetPoint
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
MobMap 1.58
MSXML 4.0 SP2 (KB936181)
Mystery Case Files: Madame Fate™
Mystery of Unicorn Castle
NVIDIA Drivers
NVIDIA nTune
OpenAL
OpenOffice.org 2.4
Opera 9.26
overland
QuickTime
Realtek High Definition Audio Driver
RivaTuner v2.01
Road to Riches
Safari
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Spybot - Search & Destroy
Stand O'Food
Supermarket Mania
The Great Chocolate Chase
Tradewinds Legends
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Ventrilo Client
Windows Backup Utility
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
World of Warcraft
Yahoo! Messenger
Yard Sale Hidden Treasures: Sunnyville

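An added triage script, written for this page and not part of the thread, of HijackThis or of ComboFix. It parses the O4, O20 and O21 lines of a HijackThis log and flags the entries a helper would single out in the log above: autoruns pointing at eight-letter generated-looking executable names in system32 or in a similarly named folder, the Policies\Explorer\Run key, a populated AppInit_DLLs value, and a ShellServiceObjectDelayLoad component loaded from outside the Windows directory. The checks and the name heuristic are the editor's own, derived from the entries in this thread, and the sample lines are copied from the posted log with two ordinary entries kept for contrast; a real HijackThis-style analysis also consults a known-good database of autorun entries, which this script does not have.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: lines copied from the HijackThis log in this thread,
# with ordinary entries (avast!, ctfmon, HP) kept in for contrast.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKCU\..\Run: [DbSet] C:\WINDOWS\system32\kfynovkp.exe
O4 - HKCU\..\Run: [procinfochk] C:\WINDOWS\system32\ifwlcpgd.exe
O4 - HKLM\..\Policies\Explorer\Run: [qSzcJur7c1] C:\Documents and Settings\All Users\Application Data\kpqjcjqr\avorixmn.exe
O20 - AppInit_DLLs: bxtcqg.dll
O21 - SSODL: InfoApi - {40E7D30F-1F19-3ED8-C5DC-0066240737B3} - C:\Program Files\icbcrke\InfoApi.dll
"""

LINE_RE = re.compile(r"^(O\d+) - (.*)$")
# First Windows path ending in .exe or .dll, optionally quoted.
PATH_RE = re.compile(r'"?([A-Za-z]:\\[^"\r\n]*?\.(?:exe|dll))"?', re.IGNORECASE)
# Editor's heuristic: exactly eight lowercase letters, the shape of the
# dropped files in this thread (kfynovkp, ifwlcpgd, avorixmn, folder kpqjcjqr).
GENERATED_RE = re.compile(r"^[a-z]{8}$")


def is_generated_name(stem: str) -> bool:
    """True for names like 'kfynovkp'; 'ctfmon' (6 letters) is not matched."""
    return bool(GENERATED_RE.match(stem))


def check_o4(body: str) -> list:
    """Autorun entry checks. Returns a list of reasons (empty if nothing odd)."""
    reasons = []
    if r"\Policies\Explorer\Run" in body:
        reasons.append("autorun via Policies\\Explorer\\Run (rarely used by legitimate software)")
    m = PATH_RE.search(body)
    if m:
        p = PureWindowsPath(m.group(1))
        parent = p.parent.name.lower()
        # Generated-looking name is only interesting in system32 or inside a
        # folder that itself looks generated; hpcmpmgr.exe under HP\ is not.
        if is_generated_name(p.stem.lower()) and (parent == "system32" or is_generated_name(parent)):
            reasons.append(f"generated-looking executable name '{p.name}' in {p.parent}")
    return reasons


def check_o20(body: str) -> list:
    """AppInit_DLLs is empty on a clean XP install; any DLL listed here is
    loaded into every process that links user32.dll."""
    value = body.split("AppInit_DLLs:", 1)[-1].strip()
    return [f"AppInit_DLLs is set to '{value}'"] if value else []


def check_o21(body: str) -> list:
    """ShellServiceObjectDelayLoad components shipped with Windows live under
    the Windows directory; a DLL elsewhere is worth a look."""
    m = PATH_RE.search(body)
    if m and "\\windows\\" not in m.group(1).lower():
        return [f"SSODL component loaded from outside the Windows directory: {m.group(1)}"]
    return []


CHECKS = {"O4": check_o4, "O20": check_o20, "O21": check_o21}


def triage(log_text: str) -> list:
    """Return (line, reasons) pairs for every entry that trips at least one check."""
    hits = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            continue
        section, body = m.groups()
        reasons = CHECKS.get(section, lambda _b: [])(body)
        if reasons:
            hits.append((line, reasons))
    return hits


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG):
        print(line)
        for r in reasons:
            print("   ->", r)
```

On the sample above the script reports the three generated-name executables, the Policies\Explorer\Run entry (which trips two checks), the AppInit_DLLs value and the SSODL component, and stays quiet on the avast!, ctfmon and HP entries; feed it a full log with `triage(open("hijackthis.log").read())`.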
IndiGenus
post Aug 28 2008, 06:49 PM
Post #2


Anti-Malware Buddha
Posts: 1,056
From: New England, USA
OS: XP Pro SP2 ~ Vista Ultimate ~ Ubuntu



Hi and welcome to the forums here at G2G!

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall**
guevarache
post Aug 28 2008, 07:35 PM
Post #3


Member
Posts: 23
OS: xp



Thanks for your help. This is a wonderful service you guys/gals offer, and for what it's worth, when I feel safe using my cards online I'll donate to Geeks to Go ... Here are the logs you asked for.
ComboFix:
ComboFix 08-08-28.04 - Jess 2008-08-28 20:18:12.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1310 [GMT -6:00]
Running from: C:\Documents and Settings\Jess\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\Downloaded Program Files\setup.inf

.
((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-29 )))))))))))))))))))))))))))))))
.

2008-08-28 09:08 . 2008-08-28 09:08 94,208 --a------ C:\WINDOWS\system32\cvafqryt.exe
2008-08-28 02:35 . 2008-08-28 02:35 <DIR> d-------- C:\VundoFix Backups
2008-08-27 21:02 . 2008-08-27 21:02 <DIR> d-------- C:\Program Files\Alwil Software
2008-08-27 21:00 . 2008-08-27 21:00 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-27 20:54 . 2008-08-27 20:54 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-08-27 20:52 . 2008-08-27 20:52 <DIR> d-------- C:\Program Files\ERUNT
2008-08-27 20:19 . 2008-08-27 21:06 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-08-27 20:09 . 2008-08-27 20:09 86,016 --a------ C:\WINDOWS\system32\rmfenoly.exe
2008-08-27 20:06 . 2008-08-27 20:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-08-27 20:05 . 2008-08-27 20:05 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-08-27 20:05 . 2008-08-27 20:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-08-27 16:30 . 2008-08-27 16:30 86,016 --a------ C:\WINDOWS\system32\tarmxmpg.exe
2008-08-27 16:16 . 2008-08-27 16:16 86,016 --a------ C:\WINDOWS\system32\jqpsdepa.exe
2008-08-27 16:11 . 2008-08-25 18:48 3,262 --a------ C:\WINDOWS\system32\2.ico
2008-08-27 16:07 . 2008-08-27 16:22 <DIR> d-------- C:\Program Files\MSA
2008-08-27 16:07 . 2008-08-25 18:48 3,262 --a------ C:\WINDOWS\system32\1.ico
2008-08-27 07:33 . 2008-08-27 07:33 86,016 --a------ C:\WINDOWS\system32\ktqzatwr.exe
2008-08-26 19:30 . 2008-08-26 19:31 <DIR> d-------- C:\Program Files\Jane's Realty
2008-08-26 19:28 . 2008-08-26 22:15 <DIR> d-------- C:\Program Files\Road to Riches
2008-08-26 19:23 . 2008-08-26 19:23 <DIR> d-------- C:\Program Files\The Great Chocolate Chase
2008-08-26 19:02 . 2008-08-26 19:02 98,304 --a------ C:\WINDOWS\system32\ifwlcpgd.exe
2008-08-26 18:49 . 2008-08-27 20:55 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-26 18:49 . 2008-08-26 18:49 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\Malwarebytes
2008-08-26 18:49 . 2008-08-26 18:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-26 18:49 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-26 18:49 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-26 17:47 . 2008-08-26 17:47 <DIR> d-------- C:\Program Files\icbcrke
2008-08-26 17:47 . 2008-08-26 17:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\kpqjcjqr
2008-08-26 17:47 . 2008-08-26 17:47 94,208 --a------ C:\WINDOWS\system32\kfynovkp.exe
2008-08-26 11:16 . 2008-08-26 11:17 <DIR> d-------- C:\Program Files\Mystery Case Files - Madame Fate
2008-08-26 00:03 . 2008-08-26 00:03 <DIR> d-------- C:\Program Files\Mystery of Unicorn Castle
2008-08-26 00:03 . 2008-08-26 00:03 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\Meridian93
2008-08-25 22:59 . 2008-08-25 22:59 <DIR> d-------- C:\Program Files\Yard Sale Hidden Treasures - Sunnyville
2008-08-25 22:59 . 2008-08-25 22:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Slapdash Games
2008-08-25 00:54 . 2008-08-26 20:15 3,054 --a------ C:\WINDOWS\DMmvHost.ini
2008-08-24 23:55 . 2008-08-24 23:55 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\Leadertech
2008-08-24 23:50 . 2008-08-24 23:50 3,932,214 --a------ C:\WINDOWS\wallpaper.bmp
2008-08-24 23:47 . 2008-08-24 23:47 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\AdobeAUM
2008-08-24 17:23 . 2008-08-24 17:24 8 --a------ C:\WINDOWS\system32\nvModes.dat
2008-08-24 17:22 . 2008-08-24 17:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-08-24 14:01 . 2008-08-24 14:01 <DIR> d-------- C:\Program Files\Supermarket Mania
2008-08-24 03:26 . 2008-08-24 03:27 <DIR> d-------- C:\Program Files\Build In Time
2008-08-24 03:04 . 2008-08-24 03:04 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\Gaijin Ent
2008-08-24 03:03 . 2008-08-24 03:04 <DIR> d-------- C:\Program Files\Stand O`Food
2008-08-23 16:36 . 2008-08-27 21:14 <DIR> d-------- C:\Program Files\Ice Cream Tycoon
2008-08-23 14:21 . 2008-08-24 02:31 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\ForgottenRiddles2
2008-08-23 14:20 . 2008-08-23 14:21 <DIR> d-------- C:\Program Files\Forgotten Riddles - The Moonlight Sonatas
2008-08-23 13:59 . 2008-08-23 13:59 <DIR> d-------- C:\Program Files\Tradewinds Legends
2008-08-23 13:59 . 2008-08-23 13:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2008-08-22 22:24 . 2008-08-22 22:24 376 --a------ C:\WINDOWS\ODBC.INI
2008-08-22 22:23 . 2008-08-22 22:23 <DIR> d-------- C:\WINDOWS\ShellNew
2008-08-22 22:23 . 2008-08-22 22:23 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-08-22 20:46 . 1993-11-09 00:00 78,928 --a------ C:\WINDOWS\system\PUBOLE.DLL
2008-08-22 20:46 . 2008-08-22 20:51 147 --a------ C:\WINDOWS\viewer.ini
2008-08-22 20:46 . 2008-08-22 20:46 83 --a------ C:\WINDOWS\artgalry.ini
2008-08-21 19:16 . 2008-08-25 00:31 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\Image Zone Express
2008-08-21 19:10 . 2008-08-21 19:10 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\HP
2008-08-21 19:09 . 2008-08-21 19:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-08-21 19:04 . 2005-10-14 22:42 46,592 --a------ C:\WINDOWS\system32\hpzll43a.dll
2008-08-21 19:03 . 2008-04-13 12:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-08-21 19:03 . 2008-04-13 12:45 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-08-21 19:01 . 2008-08-21 19:10 110,073 --a------ C:\WINDOWS\hpoins08.dat
2008-08-21 19:01 . 2006-01-24 00:15 7,577 --------- C:\WINDOWS\hpomdl08.dat
2008-08-21 19:00 . 2005-10-27 19:24 49,664 --a------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-08-21 19:00 . 2005-10-27 19:24 16,496 --a------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-08-21 18:59 . 2005-10-28 17:11 614,400 --a------ C:\WINDOWS\system32\hpotscl2.dll
2008-08-21 18:59 . 2005-10-28 17:11 602,112 --a------ C:\WINDOWS\system32\hpowiax2.dll
2008-08-21 18:59 . 2005-10-28 17:11 254,026 --a------ C:\WINDOWS\system32\hpovst09.dll
2008-08-21 18:59 . 2005-03-22 06:48 77,824 --a------ C:\WINDOWS\system32\hpzids01.dll
2008-08-21 18:47 . 2008-08-21 18:47 <DIR> d-------- C:\TEMP\FixEngine
2008-08-21 18:46 . 2008-08-25 00:28 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-08-21 16:48 . 2008-08-21 16:48 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-08-21 11:28 . 2008-08-21 11:28 <DIR> d-------- C:\Program Files\Overland
2008-08-21 11:11 . 2008-08-21 11:11 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-08-21 11:11 . 2003-12-11 11:15 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2008-08-21 11:11 . 2003-12-11 11:15 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2008-08-21 11:11 . 2003-12-11 11:15 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
2008-08-21 11:11 . 2003-12-11 11:15 44,544 -ra------ C:\WINDOWS\system32\MSXML4a.dll
2008-08-21 11:09 . 2008-08-21 19:07 <DIR> d-------- C:\Program Files\Common Files\HP
2008-08-21 11:08 . 2008-08-21 11:08 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2008-08-21 10:50 . 2004-01-05 01:30 38,867 --------- C:\WINDOWS\hpomdl03.dat.temp
2008-08-21 10:50 . 2008-08-21 10:31 29,055 --------- C:\WINDOWS\hpoins03.dat.temp
2008-08-21 10:30 . 2004-01-05 01:30 38,867 --------- C:\WINDOWS\hpomdl03.dat
2008-08-21 10:30 . 2008-08-21 11:12 29,090 --a------ C:\WINDOWS\hpoins03.dat
2008-08-21 10:25 . 2008-08-26 23:20 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-08-21 10:20 . 2008-08-21 19:07 <DIR> d-------- C:\Program Files\HP
2008-08-21 10:13 . 2008-04-13 12:47 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-08-21 10:13 . 2008-04-13 12:47 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-08-19 21:41 . 2008-08-19 21:41 <DIR> d-------- C:\Program Files\Yahoo! Games
2008-08-16 17:55 . 2008-08-16 17:55 <DIR> d-------- C:\Program Files\Citrix
2008-08-16 17:54 . 2008-08-16 17:54 60,744 --a------ C:\Documents and Settings\Jess\g2mdlhlpx.exe
2008-08-16 16:36 . 2008-08-16 16:36 4 --a------ C:\WINDOWS\ViewlogAddressBook.db
2008-08-16 16:34 . 2008-08-26 20:10 22 --a------ C:\WINDOWS\LanViewlog.ini
2008-08-16 16:34 . 2008-08-26 20:10 22 --a------ C:\WINDOWS\LanViewlog.dat
2008-08-16 16:30 . 2008-08-16 16:30 0 --a------ C:\WINDOWS\DTT OnSite MultiCast Client.INI
2008-08-16 16:29 . 2008-08-16 17:57 684 --a------ C:\WINDOWS\GeoMCast.ini
2008-08-16 16:28 . 2008-08-16 16:28 <DIR> d-------- C:\Program Files\DTT OnSite
2008-08-14 19:28 . 2008-04-11 13:04 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-14 19:28 . 2008-05-01 08:33 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-10 09:24 . 2004-08-04 13:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-08-10 09:12 . 2008-08-10 09:12 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-08-10 09:12 . 2008-08-10 09:12 <DIR> d-------- C:\WINDOWS\system32\en
2008-08-10 09:12 . 2008-08-10 09:12 <DIR> d-------- C:\WINDOWS\system32\bits
2008-08-10 09:12 . 2008-08-10 09:12 <DIR> d-------- C:\WINDOWS\l2schemas
2008-08-10 09:10 . 2008-08-10 09:10 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-08-10 09:06 . 2008-08-10 09:06 <DIR> d-------- C:\WINDOWS\EHome
2008-08-10 01:10 . 2008-04-13 18:11 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2008-08-05 21:50 . 2008-08-27 21:21 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-05 21:49 . 2008-08-05 21:49 <DIR> d-------- C:\Program Files\bfgclient
2008-08-05 21:48 . 2008-08-05 21:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2008-08-03 23:12 . 2008-08-26 19:24 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\PlayFirst
2008-08-03 23:12 . 2008-08-26 19:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-08-03 22:35 . 2008-08-10 00:26 <DIR> d-------- C:\Program Files\AOL Games
2008-08-03 22:35 . 2008-08-03 22:35 <DIR> d-------- C:\Documents and Settings\Jess\Application Data\GamesCafe
2008-08-03 22:35 . 2008-08-03 22:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-08-03 22:35 . 2008-08-03 22:35 4,096 --a------ C:\WINDOWS\d3dx.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-27 03:39 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-25 05:55 --------- d-----w C:\Documents and Settings\Jess\Application Data\AdobeUM
2008-08-23 03:51 --------- d-----w C:\Documents and Settings\Jess\Application Data\OpenOffice.org2
2008-08-20 02:43 --------- d-----w C:\Program Files\Java
2008-08-16 22:28 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-06 03:49 0 ----a-w C:\Program Files\temp01
2008-08-04 03:03 23 ----a-w C:\Documents and Settings\Jess\jagex_runescape_preferences.dat
2008-07-26 06:22 --------- d-----w C:\Program Files\World of Warcraft
2008-07-20 06:08 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2008-07-20 02:59 --------- d-----w C:\Program Files\RegCure
2008-07-20 02:43 --------- d-----w C:\Program Files\Universal
2008-07-20 02:34 --------- d-----w C:\Program Files\DTT31
2008-07-19 04:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 04:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 04:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 04:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 04:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 04:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 04:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 04:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-04 03:56 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 18:12 15360]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 20:25 81920]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 18:12 1695232]
"DbSet"="C:\WINDOWS\system32\kfynovkp.exe" [2008-08-26 17:47 94208]
"procinfochk"="C:\WINDOWS\system32\ifwlcpgd.exe" [2008-08-26 19:02 98304]
"mnthlpsmart"="C:\WINDOWS\system32\ktqzatwr.exe" [2008-08-27 07:33 86016]
"CmdShWeb"="C:\WINDOWS\system32\jqpsdepa.exe" [2008-08-27 16:16 86016]
"CfgAppApl"="C:\WINDOWS\system32\tarmxmpg.exe" [2008-08-27 16:30 86016]
"StrDscCom"="C:\WINDOWS\system32\rmfenoly.exe" [2008-08-27 20:09 86016]
"MntActChk"="C:\WINDOWS\system32\cvafqryt.exe" [2008-08-28 09:08 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-11-13 15:26 8523776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-11-13 15:26 81920]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 16:24 54840]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 08:38 78008]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-26 18:25 16120832 C:\WINDOWS\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2007-11-13 15:27 1626112 C:\WINDOWS\system32\nwiz.exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 04:10 55824 C:\WINDOWS\KHALMNPR.Exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 04:10 55824 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"qSzcJur7c1"="C:\Documents and Settings\All Users\Application Data\kpqjcjqr\avorixmn.exe" [2008-08-26 17:47 61440]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 11:40:44 282624]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-12-27 17:46:21 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-12-27 17:44:29 784912]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Documents and Settings\Jess\My Documents\My Pictures\New Folder\New Folder\0613071330-02.jpg
FriendlyName=

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
Source= C:\Documents and Settings\Jess\My Documents\My Pictures\New Folder\New Folder\0402081543-00.jpg
FriendlyName=

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2]
Source= C:\Documents and Settings\Jess\Desktop\kids 3.jpg
FriendlyName=

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\3]
Source= C:\Documents and Settings\Jess\Desktop\cait and logan (Medium).jpg
FriendlyName=

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\4]
Source= C:\Documents and Settings\Jess\My Documents\My Pictures\kids 2 (Small).jpg
FriendlyName=

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\5]
Source= C:\Documents and Settings\Jess\Desktop\kids 3 (Small).jpg
FriendlyName=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"InfoApi"= {40E7D30F-1F19-3ED8-C5DC-0066240737B3} - C:\Program Files\icbcrke\InfoApi.dll [2008-08-26 17:47 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-15 11:10 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=bxtcqg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv50"= C:\WINDOWS\ir50_32.dll
"vidc.mpg4"= C:\WINDOWS\mpg4c32.dll
"vidc.mpg2"= C:\WINDOWS\mpg4c32.dll
"vidc.mpg3"= C:\WINDOWS\mpg4c32.dll
"vidc.MJPG"= C:\WINDOWS\m3jpeg32.dll
"vidc.dmb1"= C:\WINDOWS\m3jpeg32.dll
"vidc.GEOX"= C:\WINDOWS\system32\GeoCodec.dll
"vidc.GEOV"= C:\WINDOWS\system32\GeoCodec.dll
"vidc.GEOS"= C:\WINDOWS\system32\GeoCodecD.dll
"vidc.GM20"= C:\WINDOWS\system32\GXGM20.dll
"vidc.GMP4"= C:\WINDOWS\system32\GXAMP4.dll
"vidc.GM40"= C:\WINDOWS\system32\GXAMP4.dll
"vidc.GM4H"= C:\WINDOWS\system32\GXAMP4D.dll
"vidc.GM4S"= C:\WINDOWS\system32\GXAMP4D.dll
"vidc.G264"= C:\WINDOWS\system32\GX264.dll
"vidc.G26S"= C:\WINDOWS\system32\GX264D.dll
"msacm.geoadpcm"= C:\WINDOWS\system32\GeoADPCM.acm
"Test"= Install Codec

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jess^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
path=C:\Documents and Settings\Jess\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.4.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2005-06-06 23:46 57344 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D3DOverrider]
--a------ 2007-04-29 11:05 49152 C:\Program Files\RivaTuner v2.01\Tools\D3DOverrider\D3DOverrider.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\World of Warcraft\\WoW-1.12.0-enUS-downloader.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\DTT31\\MultiCam\\MultiCam.exe"=
"C:\\Program Files\\World of Warcraft\\Repair.exe"=
"C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe"=
"C:\\Program Files\\DTT OnSite\\OnSite MultiCast Client\\DTT OnSite MultiCast Client.exe"=
"C:\\WINDOWS\\system32\\mshta.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 08:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 08:37]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-06-30 01:53]
S3 bcgame;Nostromo HID Device Minidriver;C:\WINDOWS\system32\drivers\bcgame.sys []
S3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys []

*Newly Created Service* - AAVMKER4
*Newly Created Service* - ASWFSBLK
*Newly Created Service* - ASWMON2
*Newly Created Service* - ASWRDR
*Newly Created Service* - ASWSP
*Newly Created Service* - ASWTDI
*Newly Created Service* - ASWUPDSV
*Newly Created Service* - AVAST!_ANTIVIRUS
*Newly Created Service* - AVAST!_MAIL_SCANNER
*Newly Created Service* - AVAST!_WEB_SCANNER
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-08-28 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57]

2008-08-28 C:\WINDOWS\Tasks\RegCure Program Check.job
- C:\Program Files\RegCure\RegCure.exe []

2008-08-28 C:\WINDOWS\Tasks\RegCure.job
- C:\Program Files\RegCure\RegCure.exe []
.
- - - - ORPHANS REMOVED - - - -

Toolbar-SITEguard - (no file)


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page =
R1 -: HKCU-Internet Connection Wizard,ShellNext = hxxp://www.yahoo.com/
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O16 -: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-chocolatier/ChocolatierWeb.1.0.0.13.cab
C:\WINDOWS\Downloaded Program Files\Chocolatier.1.0.0.13.inf
C:\WINDOWS\Downloaded Program Files\Chocolatier.1.0.0.13.dll

O16 -: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} - hxxp://subway-12413.mydtt.com/cab/OCXChecker_8000.cab
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\OCXDownloadChecker.inf
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\OCXDownloadChecker_8000.ocx

O16 -: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} - hxxp://subway-12413.mydtt.com/cab/DownloadFile_8100.cab
C:\WINDOWS\Downloaded Program Files\Download.inf
C:\WINDOWS\Downloaded Program Files\Download_8100.ocx

O16 -: {E41BA393-9078-424E-9554-9DB5126F5F4C} - hxxp://www.shockwave.com/content/dreamchronicles2/sis/dream2web.1.0.0.13.cab
C:\WINDOWS\Downloaded Program Files\DreamChronicles2Web.1.0.0.13.inf
C:\WINDOWS\Downloaded Program Files\DreamChronicles2Web.1.0.0.13.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-28 20:20:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-28 20:21:55
ComboFix-quarantined-files.txt 2008-08-29 02:21:51

Pre-Run: 37,432,397,824 bytes free
Post-Run: 37,537,411,072 bytes free

348 --- E O F --- 2008-08-23 00:58:38
And the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:25:33 PM, on 8/28/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\kpqjcjqr\avorixmn.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\kfynovkp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DbSet] C:\WINDOWS\system32\kfynovkp.exe
O4 - HKCU\..\Run: [procinfochk] C:\WINDOWS\system32\ifwlcpgd.exe
O4 - HKCU\..\Run: [mnthlpsmart] C:\WINDOWS\system32\ktqzatwr.exe
O4 - HKCU\..\Run: [CmdShWeb] C:\WINDOWS\system32\jqpsdepa.exe
O4 - HKCU\..\Run: [CfgAppApl] C:\WINDOWS\system32\tarmxmpg.exe
O4 - HKCU\..\Run: [StrDscCom] C:\WINDOWS\system32\rmfenoly.exe
O4 - HKCU\..\Run: [MntActChk] C:\WINDOWS\system32\cvafqryt.exe
O4 - HKLM\..\Policies\Explorer\Run: [qSzcJur7c1] C:\Documents and Settings\All Users\Application Data\kpqjcjqr\avorixmn.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatierControl Object) - http://aolsvc.aol.com/onlinegames/free-tri...eb.1.0.0.13.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://subway-12413.mydtt.com/cab/OCXChecker_8000.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} (DownloadFile Control) - http://subway-12413.mydtt.com/cab/DownloadFile_8100.cab
O16 - DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} (CPlayFirstDreamChronControl Object) - http://www.shockwave.com/content/dreamchro...eb.1.0.0.13.cab
O18 - Protocol: bw+0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B47D33CE-F087-491C-B331-C76B1D5567C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\