I forgot to tell you i know what HVAC Load Explorer is, its a program i used in one of my engineering classes.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, April 02, 2007 12:33:06 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 2/04/2007
Kaspersky Anti-Virus database records: 289783
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
E:\
G:\
H:\
I:\
Scan Statistics:
Total number of scanned objects: 162875
Number of viruses found: 10
Number of infected objects: 47 / 0
Number of suspicious objects: 2
Duration of the scan process: 01:52:38
Infected Object Name / Virus Name / Last Action
C:\!KillBox\Dc1\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVideoAccessActiveXObject.zip/uninst.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVideoAccessActiveXObject.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\A0034356.dll.bac_a03668 Infected: not-a-virus:AdWare.Win32.180Solutions.au skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\A0035408.dll.bac_a03668 Infected: not-a-virus:AdWare.Win32.SearchAssistant.h skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\A0035410.dll.bac_a03668 Infected: not-a-virus:AdWare.Win32.SearchAssistant.h skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\A0037574.exe.bac_a01036 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\A0037575.exe.bac_a01036 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668 ZIP: infected - 3 skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668 ZIP: infected - 3 skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\vtigqvdd.exe.bac_a03668 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\Brian Huckabay\.housecall\Quarantine\winstall.exe.bac_a03668 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\A0034356.dll.bac_a03668 Infected: not-a-virus:AdWare.Win32.180Solutions.au skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\A0035408.dll.bac_a03668 Infected: not-a-virus:AdWare.Win32.SearchAssistant.h skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\A0035410.dll.bac_a03668 Infected: not-a-virus:AdWare.Win32.SearchAssistant.h skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\A0037574.exe.bac_a01036 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\A0037575.exe.bac_a01036 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668 ZIP: infected - 3 skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-160dd9ae-33bee2a1.zip.bac_a03668 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668 ZIP: infected - 3 skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\count.jar-516ac74a-2fe1cd29.zip.bac_a03668 CryptFF.b: infected - 3 skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\vtigqvdd.exe.bac_a03668 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\Brian Huckabay\.housecall6.6\Quarantine\winstall.exe.bac_a03668 Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\Brian Huckabay\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Brian Huckabay\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Brian Huckabay\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Brian Huckabay\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Application Data\Ahead\Nero Home\bl.db-journal Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Application Data\Ahead\Nero Home\is2.db-journal Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\History\History.IE5\MSHist012007040120070402\index.dat Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Temp\NeroDemo11606\Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Temp\~DFE74A.tmp Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Temp\~DFE7F2.tmp Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Brian Huckabay\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Brian Huckabay\My Documents\Brian Stuff\Downloads\Nero-7.5.9.0A_eng.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Documents and Settings\Brian Huckabay\My Documents\Brian Stuff\Downloads\Nero-7.5.9.0A_eng.exe RAR: infected - 1 skipped
C:\Documents and Settings\Brian Huckabay\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Brian Huckabay\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Data\master.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Data\model.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Data\modellog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Data\templog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\LOG\ERRORLOG Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\master.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\model.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\modellog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Data\templog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\LOG\ERRORLOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\tracking.log Object is locked skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP476\A0087897.exe Infected: Trojan-Downloader.Win32.Zlob.boi skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP476\A0090971.dll Infected: Trojan-Downloader.Win32.Agent.bkd skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP488\A0092147.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{A80475B6-CF6D-4B3A-BD21-B16C67DB5304}\RP488\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_308.dat Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_7a4.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
I:\Brian Stuff\Downloads\Nero-7.5.9.0A_eng.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
I:\Brian Stuff\Downloads\Nero-7.5.9.0A_eng.exe RAR: infected - 1 skipped
I:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Logfile of HijackThis v1.99.1
Scan saved at 12:35:36 AM, on 4/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\TPPALDR.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Powertweak\ptctrl.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.h...a...n&pf=laptopR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...a...n&pf=laptopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.h...a...n&pf=laptopR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [pccguide.exe] C:\PROGRA~1\TRENDM~1\INTERN~2\pccguide.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Powertweak] C:\PROGRA~1\Powertweak\pt2.exe -auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"
O4 - Global Startup: Powertweak.lnk = C:\Program Files\Powertweak\ptctrl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://qtinstall.inf...ex/QTPlugin.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://photo.walgree...eensActivia.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebo...otoUploader.cabO16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) -
http://h20270.www2.h...ctDetection.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} -
http://www.trendmicr...scan/as4web.cabO18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
Thanks a ton!