Ran both programs. Here's comboscan.txt - notepad
ComboScan v20070226.18 run by Owner on 2007-02-27 at 15:14:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------
System Restore was disabled; re-enabling.
Failed to create restore point: System Restore is disabled (service is not running).
Performed disk cleanup.
-- HijackThis (run as Owner.exe) ------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 3:15:44 PM, on 2/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\comboscan.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\DOCUME~1\Owner\Desktop\Owner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://spawn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Band Class - {0007522A-2297-43C1-8EB1-C90B0FF20DA5} - C:\WINDOWS\enhtb.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SDWin32 Class - {5FA6752A-C4A0-4222-88C2-928AE5AB4966} - C:\WINDOWS\System32\SWin32.dll (file missing)
O2 - BHO: (no name) - {A37A04E5-9378-B9AE-7E43-9EECAF911DC5} - C:\WINDOWS\System32\miwcvy.dll (file missing)
O2 - BHO: (no name) - {E9322A73-BBEA-9335-B598-E64BB5475895} - C:\WINDOWS\System32\vevvmrs.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [mYj] C:\documents and settings\owner\local settings\temp\mYj.exe
O4 - HKLM\..\Run: [zNO4A7b2w] C:\documents and settings\owner\local settings\temp\zNO4A7b2w.exe
O4 - HKLM\..\Run: [2P6WFAX43ZHE7C] C:\WINDOWS\System32\Upwt.exe
O4 - HKLM\..\Run: [Adstartup] C:\WINDOWS\System32\automove.exe
O4 - HKLM\..\Run: [9bec9133e6f0] C:\WINDOWS\System32\CEWMDM73.exe
O4 - HKLM\..\Run: [AutoLoaderos0c1QLTXIXa] "C:\WINDOWS\System32\inkc32gt.exe"
O4 - HKLM\..\Run: [oFrW3EW] inkc32gt.exe
O4 - HKLM\..\Run: [AutoLoaderroygbbv] "C:\DOCUME~1\Owner\LOCALS~1\Temp\tmp7670.exe" /PC="AM.WILD"
O4 - HKLM\..\Run: [pzipt12h] C:\WINDOWS\System32\pzipt12h.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [McaHV7qNj] C:\windows\system32\McaHV7qNj.exe
O4 - HKLM\..\Run: [aqyjnzxc] c:\windows\system32\aqyjnzxc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Zo06ROa7g] ipcinst.exe
O4 - HKCU\..\Run: [Notn] "C:\Program Files\apsi\wtta.exe" -vt rbnd
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted IP range: 213.159.118.228
O16 - DPF: {10000000-0000-0000-0000-000000000000} - http://213.159.118.226/x/x.exe
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-12.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1094001595500
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F108C20-E3DF-4BBA-A035-734E0C8F1EA4}: NameServer = 205.152.144.23 205.152.132.23
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F108C20-E3DF-4BBA-A035-734E0C8F1EA4}: NameServer = 205.152.144.23 205.152.132.23
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F108C20-E3DF-4BBA-A035-734E0C8F1EA4}: NameServer = 205.152.144.23 205.152.132.23
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Windows System Uninstaller (HackerDefender100) - Unknown owner - C:\WINDOWS\winunins.exe (file missing)
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
-- File Associations ------------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------
1R AFS2K - C:\WINDOWS\system32\drivers\AFS2K.SYS
3R ALCXWDM (Service for Realtek AC97 Audio (WDM)) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
1R AmdK7 (AMD K7 Processor Driver) - C:\WINDOWS\system32\drivers\amdk7.sys
3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys
3S AvFlt (Antivirus Filter Driver) - C:\WINDOWS\system32\drivers\av5flt.sys (not found)
3S CCDECODE (Closed Caption Decoder) - C:\WINDOWS\system32\drivers\ccdecode.sys
3S ComFiltr (Panda Anti-Dialer) - C:\WINDOWS\system32\drivers\COMFiltr.sys
3S DCamUSBEMPIA (ConvertX AV100U A/V Capture) - C:\WINDOWS\system32\drivers\emDevice.sys
1R eeCtrl (Symantec Eraser Control driver) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
3S emAudio (ConvertX AV100U A/V Capture Audio) - C:\WINDOWS\system32\drivers\emAudio.sys
0R fasttx2k - C:\WINDOWS\system32\drivers\Fasttx2k.sys
3R FETND5BV (VIA Rhine-Family Fast Ethernet Adapter Driver Service) - C:\WINDOWS\system32\drivers\fetnd5bv.sys
3S FETNDISB (VIA Rhine Family Fast Ethernet Adapter Driver Service) - C:\WINDOWS\system32\drivers\fetnd5b.sys
3S FiltUSBEMPIA (USB Device Lower Filter) - C:\WINDOWS\system32\drivers\emFilter.sys
3S HackerDefenderDrv100 - C:\WINDOWS\hxdefdrv.sys (not found)
3S ialm - C:\WINDOWS\system32\drivers\ialmnt5.sys
3R ltmodem5 (Agere Modem Driver) - C:\WINDOWS\system32\drivers\ltmdmnt.sys
3S MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - C:\WINDOWS\system32\drivers\mstee.sys
3R MxlW2k - C:\WINDOWS\system32\drivers\MxlW2k.sys
3S NABTSFEC (NABTS/FEC VBI Codec) - C:\WINDOWS\system32\drivers\nabtsfec.sys
3R NAVENG - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070226.036\NAVENG.SYS
3R NAVEX15 - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070226.036\NAVEX15.SYS
3S NdisIP (Microsoft TV/Video Connection) - C:\WINDOWS\system32\drivers\ndisip.sys
3R NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys
3S nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
2S nvcap (nVidia WDM Video Capture (universal)) - C:\WINDOWS\system32\drivers\nvcap.sys
2S NVXBAR (nVidia WDM A/V Crossbar) - C:\WINDOWS\system32\drivers\nvxbar.sys
0R nv_agp (NVIDIA nForce AGP Bus Filter) - C:\WINDOWS\system32\drivers\nv_agp.SYS
0R ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
2S PavProc (Panda Process Protection Driver) - C:\WINDOWS\System32\DRIVERS\PavProc.sys (not found)
3R Pfc (Padus ASPI Shell) - C:\WINDOWS\system32\drivers\pfc.sys
3R Ps2 - C:\WINDOWS\system32\drivers\PS2.sys
0R PxHelp20 - C:\WINDOWS\system32\drivers\pxhelp20.sys
3S rtl8139 (Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver) - C:\WINDOWS\system32\drivers\R8139n51.sys
3S S3Psddr - C:\WINDOWS\system32\drivers\s3gnbm.sys
3S ScanUSBEMPIA (USB Still Image Capture Device) - C:\WINDOWS\system32\drivers\emScan.sys
3S SiS315 - C:\WINDOWS\system32\drivers\sisgrp.sys
0R SISAGP (SiS AGP Filter) - C:\WINDOWS\system32\drivers\SISAGPX.SYS
1R SiSkp - C:\WINDOWS\system32\drivers\srvkp.sys
3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\system32\drivers\slip.sys
1R SPBBCDrv - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
3R SRTSP - C:\WINDOWS\system32\drivers\srtsp.sys
3S SRTSPL - C:\WINDOWS\system32\drivers\srtspl.sys
1R SRTSPX - C:\WINDOWS\system32\drivers\srtspx.sys
3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\streamip.sys
3R SYMDNS - C:\WINDOWS\system32\drivers\symdns.sys
3R SymEvent - C:\WINDOWS\system32\drivers\SYMEVENT.SYS
3R SYMFW - C:\WINDOWS\system32\drivers\symfw.sys
3R SYMIDS - C:\WINDOWS\system32\drivers\symids.sys
3R SYMIDSCO - C:\Program Files\Common Files\Symantec Shared\SymcData\ids-diskless\20070221.002\SymIDSCo.sys
3R SYMNDIS - C:\WINDOWS\system32\drivers\symndis.sys
3R SYMREDRV - C:\WINDOWS\system32\drivers\symredrv.sys
1R SYMTDI - C:\WINDOWS\system32\drivers\symtdi.sys
3S usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3S usbohci (Microsoft USB Open Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbohci.sys
3R usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\system32\drivers\usbprint.sys
3R usbscan (USB Scanner Driver) - C:\WINDOWS\system32\drivers\usbscan.sys
0R viaagp1 (VIA AGP Filter) - C:\WINDOWS\system32\drivers\VIAAGP1.SYS
3R viagfx - C:\WINDOWS\system32\drivers\vtmini.sys
3S wceusbsh (Windows CE USB Serial Host Driver) - C:\WINDOWS\system32\drivers\wceusbsh.sys
1R WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - C:\WINDOWS\system32\drivers\ws2ifsl.sys
3S WSTCODEC (World Standard Teletext Codec) - C:\WINDOWS\system32\drivers\wstcodec.sys
3S {6080A529-897E-4629-A488-ABA0C29B635E} (Intel® Graphics Platform (SoftBIOS) Driver) - C:\WINDOWS\system32\drivers\ialmsbw.sys
3S {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (Intel® Graphics Chipset (KCH) Driver) - C:\WINDOWS\system32\drivers\ialmkchw.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
2R Automatic LiveUpdate Scheduler - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
2R ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
2R ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
2R CLTNetCnService (Symantec Lic NetConnect service) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
3S Fax - C:\WINDOWS\system32\fxssvc.exe
2S HackerDefender100 (Windows System Uninstaller) - C:\WINDOWS\winunins.exe -service
3S ISPwdSvc (Symantec IS Password Validation) - "C:\Program Files\Norton AntiVirus\isPwdSvc.exe"
2R LexBceS (LexBce Server) - C:\WINDOWS\system32\LEXBCES.EXE
3R LiveUpdate - "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
2S NVSvc (NVIDIA Driver Helper Service) - C:\WINDOWS\System32\nvsvc32.exe
3S ose (Office Source Engine) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2S PavPrSrv (Panda Process Protection Service) - "C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe"
3S Symantec Core LC - "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
2R SymAppCore (Symantec AppCore Service) - "C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"
-- Scheduled Tasks --------------------------------------------------------------
2007-02-22 16:09:31 530 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Owner.job<NORTON~1.JOB>
-- Files created between 2007-01-27 and 2007-02-27 ------------------------------
2007-02-27 15:07:45 0 d--hs---- C:\found.000
2007-02-25 21:28:30 4836 --a------ C:\WINDOWS\system32\tmp.reg
2007-02-25 21:28:11 79360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-02-25 21:28:10 40960 --a------ C:\WINDOWS\system32\swsc.exe
2007-02-25 21:28:10 135168 --a------ C:\WINDOWS\system32\swreg.exe
2007-02-25 21:28:10 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-02-25 21:28:10 53248 --a------ C:\WINDOWS\system32\Process.exe
2007-02-25 21:28:10 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-02-25 01:55:17 0 d-------- C:\Program Files\MSXML 4.0<MSXML4~1.0>
2007-02-25 01:55:12 0 d-------- C:\1545333deca3f32febfbd00e21cf<154533~1>
2007-02-24 19:55:47 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Motive
2007-02-23 15:19:41 0 d-------- C:\WINDOWS\Prefetch
2007-02-23 14:43:54 0 d-------- C:\WINDOWS\peernet
2007-02-23 14:43:53 0 d-------- C:\WINDOWS\provisioning<PROVIS~1>
2007-02-23 14:41:49 0 d-------- C:\WINDOWS\ServicePackFiles<SERVIC~1>
2007-02-23 14:36:15 0 d-------- C:\WINDOWS\EHome
2007-02-22 16:00:52 48776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-02-22 16:00:52 115000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-01-29 03:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
-- Find3M Report ----------------------------------------------------------------
2007-02-26 21:09:25 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-02-25 20:22:42 0 d---s---- C:\Documents and Settings\Owner\Application Data\Microsoft<MICROS~1>
2007-02-25 03:01:57 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-25 01:57:02 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-24 18:56:59 0 d-------- C:\Program Files\SlySoft
2007-02-23 14:43:54 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-23 14:41:35 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-22 16:11:45 0 d-------- C:\Program Files\Symantec
2007-02-22 16:07:42 0 d-------- C:\Program Files\Norton AntiVirus<NORTON~1>
2007-02-06 16:36:55 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 13:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-12-07 17:02:24 2174976 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-11-27 09:54:06 433152 --a------ C:\WINDOWS\system32\riched20.dll
2006-11-27 09:54:06 539136 --a------ C:\WINDOWS\system32\msftedit.dll
-- Registry Dump ----------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"NVIEW"="rundll32.exe nview.dll,nViewLoadHook"
"Zo06ROa7g"="ipcinst.exe"
"Notn"="\"C:\\Program Files\\apsi\\wtta.exe\" -vt rbnd"
"NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"CamMonitor"="C:\\Program Files\\HP\\Digital Imaging\\\\Unload\\hpqcmon.exe"
"HPHUPD05"="c:\\Program Files\\HP\\{45B6180B-DCAB-4093-8EE8-6164457517F0}\\hphupd05.exe"
"HPHmon05"="C:\\WINDOWS\\System32\\hphmon05.exe"
"KBD"="C:\\HP\\KBD\\KBD.EXE"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"VTTimer"="VTTimer.exe"
"LTMSG"="LTMSG.exe 7"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"Reminder"="\"C:\\Windows\\Creator\\Remind_XP.exe\""
"mmtask"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mmtask.exe"
"Share-to-Web Namespace Daemon"="C:\\Program Files\\Hewlett-Packard\\HP Share-to-Web\\hpgs2wnd.exe"
"mYj"="C:\\documents and settings\\owner\\local settings\\temp\\mYj.exe"
"zNO4A7b2w"="C:\\documents and settings\\owner\\local settings\\temp\\zNO4A7b2w.exe"
"2P6WFAX43ZHE7C"="C:\\WINDOWS\\System32\\Upwt.exe"
"Adstartup"="C:\\WINDOWS\\System32\\automove.exe"
"9bec9133e6f0"="C:\\WINDOWS\\System32\\CEWMDM73.exe"
"AutoLoaderos0c1QLTXIXa"="\"C:\\WINDOWS\\System32\\inkc32gt.exe\" "
"oFrW3EW"="inkc32gt.exe"
"AutoLoaderroygbbv"="\"C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\tmp7670.exe\" /PC=\"AM.WILD\""
"pzipt12h"="C:\\WINDOWS\\System32\\pzipt12h.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"AlcxMonitor"="ALCXMNTR.EXE"
"McaHV7qNj"="C:\\windows\\system32\\McaHV7qNj.exe"
"aqyjnzxc"="c:\\windows\\system32\\aqyjnzxc.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_03\\bin\\jusched.exe"
"SSBkgdUpdate"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot"
"OpwareSE4"="\"C:\\Program Files\\ScanSoft\\OmniPageSE4.0\\OpwareSE4.exe\""
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton AntiVirus\\osCheck.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\HackerDefender100
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
-- End of ComboScan: finished at 2007-02-27 at 15:16:11 -------------------------