KASPERSKY ONLINE SCANNER REPORT
Wednesday, August 08, 2007 9:36:58 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 9/08/2007
Kaspersky Anti-Virus database records: 377326
Scan Settings
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target: My Computer
A:\
C:\
D:\
Scan Statistics
Total number of scanned objects: 51503
Number of viruses found: 3
Number of infected objects: 44
Number of suspicious objects: 0
Duration of the scan process: 00:57:17
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator.WKS0951\Application
Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is
locked skipped
C:\Documents and Settings\Administrator.WKS0951\Cookies\index.dat Object
is locked skipped
C:\Documents and Settings\Administrator.WKS0951\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator.WKS0951\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator.WKS0951\Local
Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator.WKS0951\Local Settings\Temporary
Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator.WKS0951\NTUSER.DAT Object is
locked skipped
C:\Documents and Settings\Administrator.WKS0951\NTUSER.DAT.LOG Object is
locked skipped
C:\Documents and Settings\All Users\Application
Data\Microsoft\Crypto\DSS\MachineKeys\8d3a9310dcd90f5ae4e9a82cb13ac87b_7742b0c7-5d9c-4840-b533-8027c2e7540a
Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr
Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common
Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SRTSP\SrtETmp\6F1F7BA5.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application
Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\Documents and Settings\COB\Local Settings\Application
Data\Microsoft\Outlook\outlook.pst/Personal Folders/Deleted Items/19 Dec
2004 17:35 from Smith Barney:Smith Barney: Official Infor.html Infected:
Trojan-Spy.HTML.Smitfraud.a skipped
C:\Documents and Settings\COB\Local Settings\Application
Data\Microsoft\Outlook\outlook.pst Mail MS Mail: infected - 1 skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked
skipped
C:\Documents and Settings\LocalService\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local
Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet
Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet
Files\Content.IE5\UAZLPTRY\index[19].htm Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked
skipped
C:\Documents and Settings\NetworkService\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked
skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked
skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object
is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAD.dat
Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWADMT.dat
Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAS.dat
Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\coShared\WA\1.5\NCOWAS.ldb
Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object
is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked
skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked
skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked
skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked
skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked
skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked
skipped
C:\Program Files\Norton 360\Log\AutoProtect.log Object is locked skipped
C:\Program Files\Norton 360\Log\AVContext.log Object is locked skipped
C:\Program Files\Norton 360\Log\AVManual.log Object is locked skipped
C:\Program Files\Norton 360\Log\Backup.log Object is locked skipped
C:\Program Files\Norton 360\Log\CUInternetPageViewHistory.log Object is
locked skipped
C:\Program Files\Norton 360\Log\CUInternetSearchHistory.log Object is
locked skipped
C:\Program Files\Norton 360\Log\CUInternetTempFiles.log Object is locked
skipped
C:\Program Files\Norton 360\Log\CUWindowsTempFiles.log Object is locked
skipped
C:\Program Files\Norton 360\Log\EmailScan.log Object is locked skipped
C:\Program Files\Norton 360\Log\InternetSecurity.log Object is locked
skipped
C:\Program Files\Norton 360\Log\ISIntrusionPrevented.log Object is locked
skipped
C:\Program Files\Norton 360\Log\ISIOTraffic.log Object is locked skipped
C:\Program Files\Norton 360\Log\ISNewNetwork.log Object is locked skipped
C:\Program Files\Norton 360\Log\LiveUpdate.log Object is locked skipped
C:\Program Files\Norton 360\Log\NCO.log Object is locked skipped
C:\Program Files\Norton 360\Log\VABrowserSettings.log Object is locked
skipped
C:\Program Files\Norton 360\Log\VAIPAddresses.log Object is locked skipped
C:\Program Files\Norton 360\Log\VAWeakPasswords.log Object is locked
skipped
C:\Program Files\Norton 360\Log\WDFScanner.log Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xydzyh.exe.vir Infected:
Trojan-Downloader.Win32.Delf.bfu skipped
C:\sdfix\SDFix\backups\backups.zip/backups/svchest.exe/data.rar/svchests.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\sdfix\SDFix\backups\backups.zip/backups/svchest.exe/data.rar Infected:
Trojan-Downloader.Win32.Delf.bfu skipped
C:\sdfix\SDFix\backups\backups.zip/backups/svchest.exe Infected:
Trojan-Downloader.Win32.Delf.bfu skipped
C:\sdfix\SDFix\backups\backups.zip ZIP: infected - 3 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is
locked skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1444\A0163526.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1445\A0163616.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1445\A0163640.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1446\A0163974.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1446\A0164029.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1446\A0164064.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1447\A0164095.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164164.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164173.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164180.exe/data.rar/svchests.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164180.exe/data.rar
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164180.exe
RarSFX: infected - 2 skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164184.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164187.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164217.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1448\A0164227.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1449\A0164288.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1450\A0164323.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1450\A0164353.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1450\A0164388.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1450\A0164399.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1450\A0164410.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1450\A0164421.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1450\A0164434.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164479.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164488.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164509.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164510.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164518.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164527.exe/data.rar/svchests.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164527.exe/data.rar
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164527.exe
RarSFX: infected - 2 skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164532.exe/data.rar/svchests.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164532.exe/data.rar
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1451\A0164532.exe
RarSFX: infected - 2 skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1452\A0164587.exe
Infected: Trojan-Downloader.Win32.Delf.bfu skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1452\A0164608.exe
Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume
Information\_restore{C08A8BE6-1B76-4DF3-AF21-52D3E849E98B}\RP1452\change.log
Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\accwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hhctrl.ocx Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hhsetup.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\html32.cnv Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\itss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\locator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\magnify.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\migwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\mrxsmb.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\msconv97.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\narrator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\newdev.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntdll.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntkrnlpa.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\osk.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\pchshell.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\shdocvw.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\shell32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\shmedia.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\srrstr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\srv.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\sysmain.sdb Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\urlmon.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\winsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\colbact.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comuid.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\es.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\ole32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\txflog.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\callcont.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\h323.tsp Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\msgina.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\mst120.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\schannel.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\dao360.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\expsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msexch40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjint40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjter40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msltus40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrd2x40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrd3x40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mswdat10.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mswstr10.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\vbajet32.dll Object is locked skipped
C:\WINDOWS\CSC 000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked
skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked
skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked
skipped
C:\WINDOWS\Temp\cc656.tmp Object is locked skipped
C:\WINDOWS\Temp\cc657.tmp Object is locked skipped
C:\WINDOWS\Temp\cc658.tmp Object is locked skipped
C:\WINDOWS\Temp\cc659.tmp Object is locked skipped
C:\WINDOWS\Temp\cc65A.tmp Object is locked skipped
C:\WINDOWS\Temp\cc65B.tmp Object is locked skipped
C:\WINDOWS\Temp\cc65C.tmp Object is locked skipped
C:\WINDOWS\Temp\JET9482.tmp Object is locked skipped
C:\WINDOWS\Temp\JETB458.tmp Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
ComboFix 07-08-07.6 - "Administrator" 2007-08-08 0:24:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.79 [GMT -4:00]
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\hitpop_tmp.txt
C:\WINDOWS\system32\mywebhit.ini
C:\WINDOWS\system32\mywebhit.ini.tmp
C:\WINDOWS\system32\xydzyh.exe
((((((((((((((((((((((((( Files Created from 2007-07-08 to 2007-08-08 )))))))))))))))))))))))))))))))
2007-08-08 00:23 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-07 23:58 <DIR> d-------- C:\WINDOWS\ERUNT
2007-08-07 20:03 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-08-07 20:01 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-08-07 20:01 <DIR> d-------- C:\DOCUME~1\ADMINI~1.WKS\APPLIC~1\SUPERAntiSpyware.com
2007-08-07 19:58 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-06 23:27 <DIR> d-------- C:\VundoFix Backups
2007-08-06 22:01 <DIR> d-------- C:\WINDOWS\pss
2007-08-06 21:31 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-06 21:24 <DIR> d-------- C:\smk
2007-07-30 13:31 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2007-07-30 13:31 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2007-07-30 13:31 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2007-07-30 13:31 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-07-30 10:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-07-30 03:42 <DIR> d-------- C:\WINDOWS\Prefetch
2007-07-30 00:31 <DIR> d-------- C:\WINDOWS\provisioning
2007-07-29 23:37 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-07-29 23:00 <DIR> d--hs---- C:\RECYCLER
2007-07-29 22:42 22,112 -ra------ C:\WINDOWS\system32\drivers\COH_Mon.sys
2007-07-29 22:41 186,256 --a------ C:\WINDOWS\system32\SymNPPWA.dll
2007-07-26 13:45 1,060,864 --a------ C:\WINDOWS\system32\MFC71.DLL
2007-07-25 03:37 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2007-07-25 03:37 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2007-07-25 03:37 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2007-07-25 03:37 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2007-07-25 03:37 44,032 --------- C:\WINDOWS\system32\twext.dll
2007-07-25 03:37 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys
2007-07-25 03:37 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys
2007-07-25 03:37 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys
2007-07-25 03:37 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2007-07-25 03:37 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2007-07-25 03:37 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2007-07-25 03:37 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2007-07-25 03:37 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-07-25 03:37 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys
2007-07-25 03:37 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys
2007-07-25 03:37 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys
2007-07-25 03:37 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll
2007-07-25 03:37 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys
2007-07-25 03:37 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2007-07-25 03:36 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys
2007-07-25 03:36 8,192 --a------ C:\WINDOWS\system32\spdwnwxp.exe
2007-07-25 03:36 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2007-07-25 03:36 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2007-07-25 03:36 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2007-07-25 03:36 73,796 --------- C:\WINDOWS\system32\slserv.exe
2007-07-25 03:36 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys
2007-07-25 03:36 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2007-07-25 03:36 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2007-07-25 03:36 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys
2007-07-25 03:36 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys
2007-07-25 03:36 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys
2007-07-25 03:36 4,569 --------- C:\WINDOWS\system32\secupd.dat
2007-07-25 03:36 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2007-07-25 03:36 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2007-07-25 03:36 32,866 --------- C:\WINDOWS\slrundll.exe
2007-07-25 03:36 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-07-25 03:36 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll
2007-07-25 03:36 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2007-07-25 03:36 286,792 --------- C:\WINDOWS\system32\slextspk.dll
2007-07-25 03:36 21,504 --------- C:\WINDOWS\system32\spupdwxp.exe
2007-07-25 03:36 188,508 --------- C:\WINDOWS\system32\slgen.dll
2007-07-25 03:36 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2007-07-25 03:36 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys
2007-07-25 03:36 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys
2007-07-25 03:36 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys
2007-07-25 03:36 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys
2007-07-25 03:36 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys
2007-07-25 03:36 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2007-07-25 03:36 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2007-07-25 03:36 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2007-07-25 03:36 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys
2007-07-25 03:36 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys
2007-07-25 03:36 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2007-07-25 03:36 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
2007-07-25 03:35 9,728 --------- C:\WINDOWS\system32\rwnh.dll
2007-07-25 03:35 9,728 --------- C:\WINDOWS\system32\comsdupd.exe
2007-07-25 03:35 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll
2007-07-25 03:35 81,920 --------- C:\WINDOWS\system32\ieencode.dll
2007-07-25 03:35 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2007-07-25 03:35 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2007-07-25 03:35 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2007-07-25 03:35 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2007-07-25 03:35 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2007-07-25 03:35 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2007-07-25 03:35 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2007-07-25 03:35 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2007-07-25 03:35 60,416 --------- C:\WINDOWS\system32\fwcfg.dll
2007-07-25 03:35 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll
2007-07-25 03:35 6,656 --------- C:\WINDOWS\system32\kbdinben.dll
2007-07-25 03:35 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll
2007-07-25 03:35 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll
2007-07-25 03:35 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll
2007-07-25 03:35 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll
2007-07-25 03:35 50,688 --------- C:\WINDOWS\system32\btpanui.dll
2007-07-25 03:35 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll
2007-07-25 03:35 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2007-07-25 03:35 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2007-07-25 03:35 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-01 18:37 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-07-30 14:27 --------- d-------- C:\Program Files\Messenger
2007-07-30 13:38 --------- d-------- C:\Program Files\Microsoft Works
2007-07-30 10:19 --------- d--h----- C:\Program Files\WindowsUpdate
2007-07-30 00:31 --------- d-------- C:\Program Files\Movie Maker
2007-07-30 00:25 --------- d-------- C:\Program Files\Windows NT
2007-07-24 11:34 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-07-24 11:34 8014 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-07-24 11:34 --------- d-------- C:\Program Files\Symantec
2007-07-23 15:07 60968 --a------ C:\WINDOWS\java\GoToAssistDownloadHelper.exe
2007-07-23 14:18 --------- d-------- C:\Program Files\Test Drive 4
2007-07-23 14:16 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-23 14:16 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-05-16 11:12 86528 -----c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 11:12 85504 -----c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 11:12 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 11:12 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 11:12 510976 -----c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 11:12 1314816 -----c--- C:\WINDOWS\system32\dllcache\msoe.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\Smtray.exe" [2002-03-19 12:01]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 00:41]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2003-05-15 19:41]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 00:46]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 01:59]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-08-07 21:02]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 2007-08-07 21:02 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\blspcloader]
"C:\Program Files\BellSouth Internet Tools\blsloader.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd]
"C:\Program Files\Support.com\BellSouth\hcenter.exe" /starthidden /tgcmdwrapper
R1 SASDIFSV;SASDIFSV;\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
R1 SASKUTIL;SASKUTIL;\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
R1 SRTSPX;SRTSPX;C:\WINDOWS\system32\Drivers\SRTSPX.SYS
R3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys
R3 Point32;Microsoft IntelliPoint Filter Driver;C:\WINDOWS\system32\DRIVERS\point32.sys
R3 SASENUM;SASENUM;\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
R3 SRTSP;SRTSP;C:\WINDOWS\system32\Drivers\SRTSP.SYS
S2 NAVAPEL;NAVAPEL;\??\C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS
S3 ati2mpaa;ati2mpaa;C:\WINDOWS\system32\DRIVERS\ati2mpaa.sys
S3 CO_Mon;CO_Mon;\??\C:\WINDOWS\System32\Drivers\CO_Mon.sys
S3 IPFilter;Microsoft IntelliPoint Features driver;C:\WINDOWS\system32\DRIVERS\IPFilter.sys
S3 mdxgthkn;mdxgthkn;\??\C:\DOCUME~1\ADMINI~1.WKS\LOCALS~1\Temp\mdxgthkn.sys
S3 NAVAP;NAVAP;\??\C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAP.sys
S3 SRTSPL;SRTSPL;C:\WINDOWS\system32\Drivers\SRTSPL.SYS
*Newly Created Service* - COMHOST
Contents of the 'Scheduled Tasks' folder
2007-07-24 21:57:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-08 00:27:56
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-08 0:29:49
C:\ComboFix-quarantined-files.txt ... 2007-08-08 00:29
--- E O F ---

Logfile of HijackThis v1.99.1
Scan saved at 12:30:49 AM, on 8/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thehorizonbank.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BlspcHlpr Class - {15C9938F-CB96-496D-800A-B827F2E34EA1} - C:\Program Files\BellSouth Internet Tools\blspc.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.thehorizonbank.com
O16 - DPF: Insession - v3r3 Build 010706 - Base Components - https://secure.fiser...iles/basj1c.cab
O16 - DPF: Insession - v3r3 Build 010706 - SSL Support - https://secure.fiser...iles/sslj1c.cab
O16 - DPF: Insession - v3r3 Build 010706 - Web6530 - https://secure.fiser...iles/w65j1c.cab
O16 - DPF: Insession - v3r3 Build 010706 - Web6530 (SSL) Installer - https://secure.fiser...es/w65sij1c.cab
O16 - DPF: {08F04139-8DFC-11D2-80E9-006008B066EE} (ConfigChkr Class) - https://cert.synovus...et/vscnfchk.cab
O16 - DPF: {24CEC0BF-C8BC-4BCB-B804-226326B319EF} (JNILoader Control) - http://sametime1.con...STJNILoader.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1105561451046
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symant...ex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1185765986546
O16 - DPF: {6F7864F9-DB33-11D3-8166-0060B0F885E6} (VSPTA Class) - https://cert.synovus....net/vspta3.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab32846.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = thehorizonbank.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{26617250-69C6-46B4-B3D5-094369AC7017}: NameServer = 10.86.9.16,10.86.106.20
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Any help would be appreciated.